|
|
|
|
Stable ChangeLog for S/390
|
|
Sun Aug 9 00:29:51 EDT 2009
patches/packages/bind-9.4.3_P3-s390-1_slack10.0.tgz: Upgraded.
This BIND update fixes a security problem where a specially crafted
dynamic update message packet will cause named to exit resulting in
a denial of service.
An active remote exploit is in wide circulation at this time.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
https://www.isc.org/node/479
(* Security fix *)
patches/packages/dhcp-3.1.2p1-s390-1_slack10.0.tgz: Upgraded.
A stack overflow vulnerability was fixed in dhclient that could allow
remote attackers to execute arbitrary commands as root on the system,
or simply terminate the client, by providing an over-long subnet-mask
option.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
(* Security fix *)
patches/packages/fetchmail-6.3.11-s390-1_slack10.0.tgz: Upgraded.
This update fixes an SSL NUL prefix impersonation attack through NULs in a
part of a X.509 certificate's CommonName and subjectAltName fields.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
(* Security fix *)
patches/packages/samba-3.0.36-s390-1_slack10.0.tgz: Upgraded.
This is a bugfix release.
+--------------------------+
Sat Jun 27 15:58:28 EDT 2009
patches/packages/samba-3.0.35-s390-1_slack10.0.tgz:
This upgrade fixes the following security issue:
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
(* Security fix *)
patches/packages/libpng-1.2.37-s390-1_slack10.0.tgz: Upgraded.
This update fixes a possible security issue. Jeff Phillips discovered an
uninitialized-memory-read bug affecting interlaced images that may have
security implications.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
(* Security fix *)
+--------------------------+
Sun Jun 7 18:07:00 EDT 2009
patches/packages/ntp-4.2.2p3-s390-1_slack10.0.tgz:
Patched a stack-based buffer overflow in the cookedprint function in
ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code
execution by a malicious remote NTP server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
(* Security fix *)
+--------------------------+
Fri May 29 15:29:47 EDT 2009
patches/packages/xpdf-3.02pl3-s390-1_slack10.0.tgz:
Upgraded to xpdf-3.02pl3.
This update fixes several overflows that may result in crashes or the
execution of arbitrary code as the xpdf user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
(* Security fix *)
+--------------------------+
Tue Apr 28 15:28:06 EDT 2009
patches/packages/lcms-1.18-s390-1_slack10.0.tgz: Upgraded to lcms-1.18.
This update fixes security issues discovered in LittleCMS by Chris Evans.
These flaws could cause program crashes (denial of service) or the execution
of arbitrary code as the user of the lcms-linked program.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733
(* Security fix *)
+--------------------------+
Mon Mar 23 05:07:51 EDT 2009
patches/packages/apache-1.3.41-s390-1_slack10.0.tgz:
Upgraded to apache-1.3.41, the last regular release of the
Apache 1.3.x series, and a security bugfix-only release.
For more information about the security issues fixed, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
(* Security fix *)
patches/packages/bind-9.3.6_P1-s390-1_slack10.0.tgz:
Upgraded to bind-9.3.6-P1.
Fixed checking on return values from OpenSSL's EVP_VerifyFinal and
DSA_do_verify functions to prevent spoofing answers returned from zones using
the DNSKEY algorithms DSA and NSEC3DSA.
For more information, see:
https://www.isc.org/node/373
http://www.ocert.org/advisories/ocert-2008-016.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
(* Security fix *)
patches/packages/bzip2-1.0.5-s390-1_slack10.0.tgz: Upgraded to bzip2-1.0.5.
Previous versions of bzip2 contained a buffer overread error that could cause
applications linked to libbz2 to crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
(* Security fix *)
patches/packages/cups-1.1.21-s390-2_slack10.0.tgz:
Patched cups-1.1.21.
Errors in ipp.c may allow a remote attacker to crash CUPS resulting
in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
(* Security fix *)
patches/packages/curl-7.12.2-s390-3_slack10.0.tgz:
Patched curl-7.12.2.
This fixes a security issue where automatic redirection could be made to
follow file:// URLs, reading or writing a local instead of remote file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
(* Security fix *)
patches/packages/dnsmasq-2.45-s390-1_slack10.0.tgz:
Upgraded to dnsmasq-2.45.
It was discovered that earlier versions of dnsmasq have DNS cache
weaknesses that are similar to the ones recently discovered in BIND.
This new release minimizes the risk of cache poisoning.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
(* Security fix *)
patches/packages/fetchmail-6.3.8-s390-1_slack10.0.tgz:
Patched to fix a possible denial of service when "-v -v" options are used.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
(* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-11_slack10.0.tgz:
Upgraded to tzdata2008h for the latest world timezone changes.
patches/packages/libpng-1.2.35-s390-1_slack10.0.tgz:
Upgraded to libpng-1.2.35.
This fixes multiple memory-corruption vulnerabilities due to a failure to
properly initialize data structures.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt
(* Security fix *)
patches/packages/libxml2-2.6.32-s390-1_slack10.0.tgz:
Upgraded to libxml2-2.6.32 and patched.
This fixes vulnerabilities including denial of service, or possibly the
execution of arbitrary code as the user running a libxml2 linked application
if untrusted XML content is parsed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
(* Security fix *)
patches/packages/m4-1.4.11-s390-1_slack10.0.tgz: Upgraded to m4-1.4.11.
In addition to bugfixes and enhancements, this version of m4 also fixes two
issues with possible security implications. A minor security fix with the
use of "maketemp" and "mkstemp" -- these are now quoted to prevent the
(rather unlikely) possibility that an unquoted string could match an
existing macro causing operations to be done on the wrong file. Also,
a problem with the '-F' option (introduced with version 1.4) could cause a
core dump or possibly (with certain file names) the execution of arbitrary
code. For more information on these issues, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
(* Security fix *)
patches/packages/mod_ssl-2.8.31_1.3.41-s390-1_slack10.0.tgz:
Upgraded to mod_ssl-2.8.31-1.3.41 to work with apache_1.3.41.
patches/packages/ntp-4.2.4p6-s390-1_slack10.0.tgz:
[Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value.
For more information, see:
https://lists.ntp.org/pipermail/announce/2009-January/000055.html
http://www.ocert.org/advisories/ocert-2008-016.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
(* Security fix *)
patches/packages/openssh-5.0p1-s390-1_slack10.0.tgz:
Upgraded to openssh-5.0p1.
This version fixes a security issue where local users could hijack forwarded
X connections. Upgrading to the new package is highly recommended.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
(* Security fix *)
patches/packages/rsync-2.6.9-s390-1_slack10.0.tgz:
Patched some security bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
http://lists.samba.org/archive/rsync-announce/2007/000050.html
(* Security fix *)
patches/packages/samba-3.0.33-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.33.
This package fixes an important barrier against rogue clients reading from
uninitialized memory (though no proof-of-concept is known to exist).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314
(* Security fix *)
patches/packages/xine-lib-1.1.11.1-s390-3_slack10.0.tgz:
Recompiled, with --without-speex (we didn't ship the speex library in
Slackware anyway, but for reference this issue would be CVE-2008-1686),
and with --disable-nosefart (the recently reported as insecurely
demuxed NSF format). As before in -2, this package fixes the two
regressions mentioned in the release notes for xine-lib-1.1.12:
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
(* Security fix *)
patches/packages/xpdf-3.02pl2-s390-1_slack10.0.tgz:
Upgraded to xpdf-3.02pl2.
The pl2 patch fixes a crash in xpdf.
Some theorize that this could be used to execute arbitrary code if an
untrusted PDF file is opened, but no real-world examples are known (yet).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)
+--------------------------+
Mon Sep 24 00:36:56 EDT 2007
patches/packages/bind-9.2.8_P1-s390-1_slack10.0.tgz:
Upgraded to bind-9.2.8_P1 to fix a security issue.
The query IDs in BIND9 prior to BIND 9.2.8-P1 are cryptographically weak.
For more information on this issue, see:
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
(* Security fix *)
patches/packages/openssh-4.7p1-s390-1_slack10.0.tgz:
Upgraded to openssh-4.7p1.
From the OpenSSH release notes:
"Security bugs resolved in this release: Prevent ssh(1) from using a
trusted X11 cookie if creation of an untrusted cookie fails; found and
fixed by Jan Pechanec."
While it's fair to say that we here at Slackware don't see how this could
be leveraged to compromise a system, a) the OpenSSH people (who presumably
understand the code better) characterize this as a security bug, b) it has
been assigned a CVE entry, and c) OpenSSH is one of the most commonly used
network daemons. Better safe than sorry.
More information should appear here eventually:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
(* Security fix *)
patches/packages/samba-3.0.26a-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.26a.
This fixes a security issue in all Samba 3.0.25 versions:
"Incorrect primary group assignment for domain users using the rfc2307
or sfu winbind nss info plugin."
For more information, see:
http://www.samba.org/samba/security/CVE-2007-4138.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138
(* Security fix *)
patches/packages/tcpdump-3.9.7-s390-1_slack10.0.tgz:
Upgraded to libpcap-0.9.7, tcpdump-3.9.7.
This new version fixes an integer overflow in the BGP dissector which
could possibly allow remote attackers to crash tcpdump or to execute
arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
(* Security fix *)
patches/packages/xpdf-3.02pl1-s390-1_slack10.0.tgz:
Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly
be leveraged to run arbitrary code if a malicious PDF file is processed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
(* Security fix *)
+--------------------------+
Sun May 27 15:00:40 EDT 2007
patches/packages/libpng-1.2.18-s390-1_slack10.0.tgz:
Upgraded to libpng-1.2.18.
A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some
libpng applications. This vulnerability has been assigned the identifiers
CVE-2007-2445 and CERT VU#684664.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
(* Security fix *)
patches/packages/samba-3.0.25a-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.25a. This fixes some major (non-security) bugs in
samba-3.0.25. See the WHATSNEW.txt for details.
patches/packages/xine-lib-1.1.6-s390-1_slack10.0.tgz:
Upgraded to xine-lib-1.1.6.
This fixes overflows in xine-lib in some little-used media formats in
xine-lib < 1.1.5 and other bugs in xine-lib < 1.1.6. The overflows in
xine-lib < 1.1.5 could definitely cause an application using xine-lib to
crash, and it is theorized that a malicious media file could be made to run
arbitrary code in the context of the user running the application.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
(* Security fix *)
+--------------------------+
Wed May 16 13:36:34 EDT 2007
patches/packages/samba-3.0.25-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.25.
Security Fixes included in the Samba 3.0.25 release are:
o CVE-2007-2444
Versions: Samba 3.0.23d - 3.0.25pre2
Local SID/Name translation bug can result in
user privilege elevation
o CVE-2007-2446
Versions: Samba 3.0.0 - 3.0.24
Multiple heap overflows allow remote code execution
o CVE-2007-2447
Versions: Samba 3.0.0 - 3.0.24
Unescaped user input parameters are passed as
arguments to /bin/sh allowing for remote command
execution
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
(* Security fix *)
+--------------------------+
Wed Apr 4 13:33:38 EDT 2007
patches/packages/file-4.20-s390-1_slack10.0.tgz:
Upgraded to file-4.20.
This fixes a heap overflow that could allow code to be executed as the
user running file (note that there are many scenarios where file might be
used automatically, such as in virus scanners or spam filters).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
(* Security fix *)
+--------------------------+
Tue Apr 3 20:30:03 EDT 2007
patches/packages/bind-9.2.8-s390-1_slack10.0.tgz:
Upgraded to bind-9.2.8. This update fixes two denial of service
vulnerabilities where an attacker could crash the name server with
specially crafted malformed data.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
(* Security fix *)
patches/packages/fetchmail-6.3.6-s390-1_slack10.0.tgz:
Upgraded to fetchmail-6.3.6. This fixes two security issues. First, a bug
introduced in fetchmail-6.3.5 could cause fetchmail to crash. However,
no stable version of Slackware ever shipped fetchmail-6.3.5. Second, a long
standing bug (reported by Isaac Wilcox) could cause fetchmail to send a
password in clear text or omit using TLS even when configured otherwise.
All fetchmail users are encouraged to consider using getmail, or to upgrade
to the new fetchmail packages.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
(* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-7_slack10.0.tgz:
Updated with tzdata2007b for impending Daylight Savings Time
changes in the US.
patches/packages/gnupg-1.4.7-s390-1_slack10.0.tgz: Upgraded to gnupg-1.4.7.
This fixes a security problem that can occur when GnuPG is used incorrectly.
Newer versions attempt to prevent such misuse.
For more information, see:
http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
(* Security fix *)
patches/packages/samba-3.0.24-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.24. From the WHATSNEW.txt file:
"Important issues addressed in 3.0.24 include:
o Fixes for the following security advisories:
- CVE-2007-0452 (Potential Denial of Service bug in smbd)
- CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind
NSS library on Solaris)
- CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)"
Samba is Slackware is vulnerable to the first issue, which can cause smbd
to enter into an infinite loop, disrupting Samba services. Linux is not
vulnerable to the second issue, and Slackware does not ship the afsacl.so
VFS plugin (but it's something to be aware of if you build Samba with
custom options).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454
(* Security fix *)
+--------------------------+
Thu Mar 15 01:48:14 EDT 2007
patches/packages/bind-9.2.8-s390-1_slack10.0.tgz:
Upgraded to bind-9.2.8. This update fixes two denial of service
vulnerabilities where an attacker could crash the name server with
specially crafted malformed data.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
(* Security fix *)
patches/packages/fetchmail-6.3.6-s390-1_slack10.0.tgz:
Upgraded to fetchmail-6.3.6. This fixes two security issues. First, a bug
introduced in fetchmail-6.3.5 could cause fetchmail to crash. However,
no stable version of Slackware ever shipped fetchmail-6.3.5. Second, a long
standing bug (reported by Isaac Wilcox) could cause fetchmail to send a
password in clear text or omit using TLS even when configured otherwise.
All fetchmail users are encouraged to consider using getmail, or to upgrade
to the new fetchmail packages.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
(* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-7_slack10.0.tgz:
Updated with tzdata2007b for impending Daylight Savings Time
changes in the US.
patches/packages/gnupg-1.4.7-s390-1_slack10.0.tgz: Upgraded to gnupg-1.4.7.
This fixes a security problem that can occur when GnuPG is used incorrectly.
Newer versions attempt to prevent such misuse.
For more information, see:
http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
(* Security fix *)
patches/packages/samba-3.0.24-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.24. From the WHATSNEW.txt file:
"Important issues addressed in 3.0.24 include:
o Fixes for the following security advisories:
- CVE-2007-0452 (Potential Denial of Service bug in smbd)
- CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind
NSS library on Solaris)
- CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)"
Samba is Slackware is vulnerable to the first issue, which can cause smbd
to enter into an infinite loop, disrupting Samba services. Linux is not
vulnerable to the second issue, and Slackware does not ship the afsacl.so
VFS plugin (but it's something to be aware of if you build Samba with
custom options).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454
(* Security fix *)
+--------------------------+
Sun Jan 14 22:30:33 EST 2007
patches/packages/gnupg-1.4.6-s390-1_slack10.0.tgz:
Upgraded to gnupg-1.4.6. This release fixes a severe and exploitable
bug in earlier versions of gnupg. All gnupg users should update to the
new packages as soon as possible. For details, see the information
concerning CVE-2006-6235 posted on lists.gnupg.org:
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
This update also addresses a more minor security issue possibly
exploitable when GnuPG is used in interactive mode. For more information
about that issue, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
(* Security fix *)
patches/packages/libpng-1.2.14-s390-1_slack10.0.tgz:
Upgraded to libpng-1.2.14. This fixes a bug where a specially crafted PNG
file could crash applications that use libpng.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
(* Security fix *)
patches/packages/proftpd-1.3.0a-s390-1_slack10.0.tgz:
Upgraded to proftpd-1.3.0a plus an additional security patch. Several
security issues were found in proftpd that could lead to the execution of
arbitrary code by a remote attacker, including one in mod_tls that does
not require the attacker to be authenticated first.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
(* Security fix *)
patches/packages/tar-1.16-s390-1_slack10.0.tgz:
Upgraded to tar-1.16.
This fixes an issue where files may be extracted outside of the current
directory, possibly allowing a malicious tar archive, when extracted, to
overwrite any of the user's files (in the case of root, any file on the
system).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
(* Security fix *)
patches/packages/xine-lib-1.1.3-s390-1_slack10.0.tgz:
Upgraded to xine-lib-1.1.3 which fixes possible security problems
such as a heap overflow in libmms and a buffer overflow in the
Real Media input plugin.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200
(* Security fix *)
+--------------------------+
Tue Nov 14 23:39:49 EST 2006
patches/packages/bind-9.2.6_P2-s390-1_slack10.0.tgz:
Upgraded to bind-9.2.6-P2. This fixes some security issues related to
previous fixes in OpenSSL. The minimum OpenSSL version was raised to
OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws
in older versions (these patches were already issued for Slackware). If you
have not upgraded yet, get those as well to prevent a potentially exploitable
security problem in named. In addition, the default RSA exponent was changed
from 3 to 65537. RSA keys using exponent 3 (which was previously BIND's
default) will need to be regenerated to protect against the forging
of RRSIGs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
(* Security fix *)
+--------------------------+
Sat Nov 4 21:52:29 EST 2006
patches/packages/screen-4.0.3-s390-1_slack10.0.tgz: Upgraded to screen-4.0.3.
This addresses an issue with the way screen handles UTF-8 character encoding
that could allow screen to be crashed (or possibly code to be executed in the
context of the screen user) if a specially crafted sequence of pseudo-UTF-8
characters are displayed withing a screen session.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573
(* Security fix *)
patches/packages/qt-3.3.3-s390-2_slack10.0.tgz: Patched.
This fixes an issue with Qt's handling of pixmap images that causes Qt linked
applications to crash if a specially crafted malicious image is loaded.
Inspection of the code in question makes it seem unlikely that this could
lead to more serious implications (such as arbitrary code execution), but it
is recommended that users upgrade to the new Qt package.
For more information, see:
http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
(* Security fix *)
+--------------------------+
Sat Sep 30 00:02:44 EDT 2006
patches/packages/openssl-0.9.7l-s390-1_slack10.0.tgz:
Upgraded to shared libraries from openssl-0.9.7l.
See openssl package update below.
(* Security fix *)
patches/packages/openssh-4.4p1-s390-1_slack10.0.tgz:
Upgraded to openssh-4.4p1.
This fixes a few security related issues. From the release notes found at
http://www.openssh.com/txt/release-4.4:
* Fix a pre-authentication denial of service found by Tavis Ormandy,
that would cause sshd(8) to spin until the login grace time
expired.
* Fix an unsafe signal hander reported by Mark Dowd. The signal
handler was vulnerable to a race condition that could be exploited
to perform a pre-authentication denial of service. On portable
OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication
is enabled, but the likelihood of successful exploitation appears
remote.
* On portable OpenSSH, fix a GSSAPI authentication abort that could
be used to determine the validity of usernames on some platforms.
Links to the CVE entries will be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
After this upgrade, make sure the permissions on /etc/rc.d/rc.sshd are set
the way you want them. Future upgrades will respect the existing permissions
settings. Thanks to Manuel Reimer for pointing out that upgrading openssh
would enable a previously disabled sshd daemon.
Do better checking of passwd, shadow, and group to avoid adding
redundant entries to these files. Thanks to Menno Duursma.
(* Security fix *)
patches/packages/openssl-0.9.7l-s390-1_slack10.0.tgz:
Upgraded to openssl-0.9.7l.
This fixes a few security related issues:
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. This can result in an infinite loop which
consumes system memory (CVE-2006-2937). (This issue did not affect
OpenSSL versions prior to 0.9.7)
Thanks to Dr S. N. Henson of Open Network Security and NISCC.
Certain types of public key can take disproportionate amounts of
time to process. This could be used by an attacker in a denial of
service attack (CVE-2006-2940).
Thanks to Dr S. N. Henson of Open Network Security and NISCC.
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer.
(CVE-2006-3738)
Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
A flaw in the SSLv2 client code was discovered. When a client
application used OpenSSL to create an SSLv2 connection to a malicious
server, that server could cause the client to crash (CVE-2006-4343).
Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
Links to the CVE entries will be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
(* Security fix *)
+--------------------------+
Sat Sep 23 20:53:36 EDT 2006
patches/packages/gzip-1.3.5-s390-1_slack10.0.tgz:
Upgraded to gzip-1.3.5, and fixed a variety of bugs.
Some of the bugs have possible security implications if gzip or its tools are
fed a carefully constructed malicious archive. Most of these issues were
recently discovered by Tavis Ormandy and the Google Security Team. Thanks
to them, and also to the ALT and Owl developers for cleaning up the patch.
For further details about the issues fixed, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
(* Security fix *)
patches/packages/openssl-0.9.7d-s390-3_slack10.0.tgz: Patched an issue where
it is possible to forge certain kinds of RSA signatures.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
patches/packages/openssl-solibs-0.9.7d-s390-3_slack10.0.tgz: Patched an issue
where it is possible to forge certain kinds of RSA signatures.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
(* Security fix *)
+--------------------------+
Sat Sep 16 14:03:04 EDT 2006
patches/packages/libtiff-3.7.0-s390-1.tgz: Removed, since this was an older
version than libtiff-3.8.2-s390-1_slack10.0.tgz
+--------------------------+
Sat Sep 9 21:32:02 EDT 2006
patches/packages/bind-9.2.6_P1-s390-1_slack10.0.tgz
Upgraded to bind-9.2.6_P1.
This update addresses a denial of service vulnerability.
BIND's CHANGES file says this:
2066. [security] Handle SIG queries gracefully. [RT #16300]
The best discussion I've found is in FreeBSD's advisory, so here's a link:
http://security.FreeBSD.org/advisories/FreeBSD-SA-06:20.bind.asc
Also, fixed some missing man pages. (noticed by Xavier Thomassin -- thanks)
(* Security fix *)
patches/packages/bootshell-1.3-s390-2.tgz:
Rebuilt bootshell as static, not dynamic. If your /usr file
system isn't available, you still want to be able to log in
to your system so you can fix it. ;)
+--------------------------+
Sun Aug 27 14:04:47 EDT 2006
patches/packages/gnupg-1.4.5-s390-1_slack10.0.tgz:
Upgraded to gnupg-1.4.5.
From the gnupg-1.4.5 NEWS file:
* Fixed 2 more possible memory allocation attacks. They are
similar to the problem we fixed with 1.4.4. This bug can easily
be be exploited for a DoS; remote code execution is not entirely
impossible.
(* Security fix *)
patches/packages/libtiff-3.8.2-s390-1_slack10.0.tgz:
Patched vulnerabilities in libtiff which were found by Tavis Ormandy of
the Google Security Team. These issues could be used to crash programs
linked to libtiff or possibly to execute code as the program's user.
A low risk command-line overflow in tiffsplit was also patched.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
(* Security fix *)
+--------------------------+
Sun Aug 6 17:47:25 EDT 2006
slackware/n/iproute2-2.6.7-ss040608-s390-1.tgz: Built iproute2. Not sure
why this was never done before.
+--------------------------+
Sat Jul 29 17:46:17 EDT 2006
patches/packages/apache-1.3.37-s390-1_slack10.0.tgz:
Upgraded to apache-1.3.37.
From the announcement on httpd.apache.org:
This version of Apache is security fix release only. An off-by-one flaw
exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3
since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
The Slackware Security Team feels that the vast majority of installations
will not be configured in a vulnerable way but still suggests upgrading to
the new apache and mod_ssl packages for maximum security.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
And see Apache's announcement here:
http://www.apache.org/dist/httpd/Announcement1.3.html
(* Security fix *)
patches/packages/mod_ssl-2.8.28_1.3.37-s390-1_slack10.0.tgz:
Upgraded to mod_ssl-2.8.28-1.3.37.
patches/packages/mutt-1.4.2.2i-s390-1_slack10.0.tgz:
Upgraded to mutt-1.4.2.2i.
This release fixes CVE-2006-3242, a buffer overflow that could be triggered
by a malicious IMAP server.
[Connecting to malicious IMAP servers must be common, right? -- Ed.]
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
(* Security fix *)
patches/packages/samba-3.0.23-s390-2_slack10.0.tgz:
Patched a problem in nsswitch/wins.c that caused crashes in the wins
and/or winbind libraries.
Thanks to Mikhail Kshevetskiy for pointing out the issue and offering
a reference to the patch in Samba's source repository.
Also, this version of Samba evidently created a new dependency on libdm.so
(found in the xfsprogs package in non -current Slackware versions). This
additional dependency was not intentional, and has been corrected.
patches/packages/tcpip-0.17-s390-29c_slack10.0.tgz:
Repatched the telnet client with the official OpenBSD patch that had
already replaced the original security fix in Slackware 9.1, 10.2 and
-current. Thanks to Dragan Simic for reporting the issue, and my
apologies for taking so long to address the insufficiencies of the
original patch in Slackware 10.0 and 10.1.
+--------------------------+
Sun Jul 16 17:07:16 EDT 2006
patches/packages/samba-3.0.23-s390-1_slack10.0.tgz:
Upgraded to samba-3.0.23.
This fixes a minor memory exhaustion DoS in smbd.
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
(* Security fix *)
+--------------------------+
Sun Jul 2 19:34:29 EDT 2006
patches/packages/arts-1.2.3-s390-2_slack10.0.tgz:
Patched to fix a possible exploit if artswrapper is setuid root (which,
by default, it is not) and the system is running a 2.6 kernel.
Systems running 2.4 kernels are not affected.
The official KDE security advisory may be found here:
http://www.kde.org/info/security/advisory-20060614-2.txt
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
(* Security fix *)
patches/packages/gnupg-1.4.4-s390-1_slack10.0.tgz:
This version fixes a memory allocation issue that could allow an attacker to
crash GnuPG creating a denial-of-service.
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
patches/packages/kdebase-3.2.3-s390-4_slack10.0.tgz:
Patched a problem with kdm where it could be abused to read any file
on the system.
The official KDE security advisory may be found here:
http://www.kde.org/info/security/advisory-20060614-1.txt
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449
(* Security fix *)
patches/packages/samba-3.0.9-s390-2.tgz: Fixed a problem with the prototype
that was causing /usr/lib/libsmbclient.so to not be included.
+--------------------------+
Thu Jun 15 13:46:39 EDT 2006
patches/packages/sendmail-8.13.7-s390-1_slack10.0.tgz:
Upgraded to sendmail-8.13.7.
Fixes a potential denial of service problem caused by excessive recursion
leading to stack exhaustion when attempting delivery of a malformed MIME
message. This crashes sendmail's queue processing daemon, which in turn
can lead to two problems: depending on the settings, these crashed
processes may create coredumps which could fill a drive partition; and
such a malformed message in the queue will cause queue processing to
cease when the message is reached, causing messages that are later in
the queue to not be processed.
Sendmail's complete advisory may be found here:
http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
Sendmail has also provided an FAQ about this issue:
http://www.sendmail.com/security/advisories/SA-200605-01/faq.shtml
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
(* Security fix *)
patches/packages/sendmail-cf-8.13.7-noarch-1_slack10.0.tgz:
Upgraded to sendmail-8.13.7 configs.
+--------------------------+
Sat Jun 10 14:22:53 EDT 2006
patches/packages/apache-1.3.35-s390-2_slack10.0.tgz:
Patched to fix totally broken Include behavior.
Thanks to Francesco Gringoli for reporting this bug.
Upgraded to apache-1.3.35.
From the official announcement:
Of particular note is that 1.3.35 addresses and fixes 1 potential
security issue: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
to avoid potential cross-site scripting. Change also made to
ap_escape_html so we escape quotes. Reported by JPCERT
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
(* Security fix *)
patches/packages/mod_ssl-2.8.26_1.3.35-s390-1_slack10.0.tgz:
Upgraded to mod_ssl-2.8.26-1.3.35.
This is an updated version designed for Apache 1.3.35.
patches/packages/mozilla-1.7.13-s390-1.tgz: Upgraded to mozilla-1.7.13.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla
This release marks the end-of-life of the Mozilla 1.7.x series:
http://developer.mozilla.org/devnews/index.php/2006/04/12/sunset-announcement-for-fxtb-10x-and-mozilla-suite-17x/
Mozilla Corporation is recommending that users think about
migrating to Firefox and Thunderbird.
(* Security fix *)
patches/packages/mozilla-plugins-1.7.13-noarch-1.tgz:
Updated for mozilla-1.7.13.
patches/packages/mysql-4.0.27-s390-1_slack10.0.tgz:
Upgraded to mysql-4.0.27.
This fixes some minor security issues with possible information leakage.
Note that the information leakage bugs require that the attacker have
access to an account on the database. Also note that by default,
Slackware's rc.mysqld script does *not* allow access to the database
through the outside network (it uses the --skip-networking option).
If you've enabled network access to MySQL, it is a good idea to filter
the port (3306) to prevent access from unauthorized machines.
For more details, see the MySQL 4.0.27 release announcement here:
http://lists.mysql.com/announce/359
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
(* Security fix *)
+--------------------------+
Sun Apr 2 20:29:00 EST 2006
patches/packages/fetchmail-6.3.2-s390-1.tgz: Upgraded to fetchmail-6.3.2.
Presumably this replaces all the known security problems with
a batch of new unknown ones. (fetchmail is improving, really ;-)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0321
(* Security fix *)
patches/packages/gnupg-1.4.2.2-s390-1.tgz: Upgraded to gnupg-1.4.2.2.
There have been two security related issues reported recently with GnuPG.
From the GnuPG 1.4.2.1 and 1.4.2.2 NEWS files:
Noteworthy changes in version 1.4.2.2 (2006-03-08)
* Files containing several signed messages are not allowed any
longer as there is no clean way to report the status of such
files back to the caller. To partly revert to the old behaviour
the new option --allow-multisig-verification may be used.
Noteworthy changes in version 1.4.2.1 (2006-02-14)
* Security fix for a verification weakness in gpgv. Some input
could lead to gpgv exiting with 0 even if the detached signature
file did not carry any signature. This is not as fatal as it
might seem because the suggestion as always been not to rely on
th exit code but to parse the --status-fd messages. However it
is likely that gpgv is used in that simplified way and thus we
do this release. Same problem with "gpg --verify" but nobody
should have used this for signature verification without
checking the status codes anyway. Thanks to the taviso from
Gentoo for reporting this problem.
(* Security fix *)
patches/packages/kdegraphics-3.2.3-s390-2.tgz: Patched integer and
heap overflows in kpdf to fix possible security bugs with malformed
PDF files.
For more information, see:
http://www.kde.org/info/security/advisory-20051207-2.txt
http://www.kde.org/info/security/advisory-20060202-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301
(* Security fix *)
patches/packages/kdelibs-3.2.3-s390-3.tgz: Patched a heap overflow
vulnerability in kjs, the JavaScript interpreter engine used by
Konqueror and other parts of KDE.
For more information, see:
http://www.kde.org/info/security/advisory-20060119-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0019
(* Security fix *)
patches/packages/openssh-4.3p1-s390-1.tgz: Upgraded to openssh-4.3p1.
This fixes a security issue when using scp to copy files that could
cause commands embedded in filenames to be executed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
(* Security fix *)
patches/packages/sendmail-8.13.6-s390-1.tgz: Upgraded to sendmail-8.13.6.
This new version of sendmail contains a fix for a security problem
discovered by Mark Dowd of ISS X-Force. From sendmail's advisory:
Sendmail was notified by security researchers at ISS that, under some
specific timing conditions, this vulnerability may permit a specifically
crafted attack to take over the sendmail MTA process, allowing remote
attackers to execute commands and run arbitrary programs on the system
running the MTA, affecting email delivery, or tampering with other
programs and data on this system. Sendmail is not aware of any public
exploit code for this vulnerability. This connection-oriented
vulnerability does not occur in the normal course of sending and
receiving email. It is only triggered when specific conditions are
created through SMTP connection layer commands.
Sendmail's complete advisory may be found here:
http://www.sendmail.com/company/advisory/index.shtml
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
(* Security fix *)
patches/packages/sendmail-cf-8.13.6-noarch-1.tgz:
Upgraded to sendmail-8.13.6 configuration files.
patches/packages/sudo-1.6.8p12-s390-1.tgz: Upgraded to sudo-1.6.8p12.
This fixes an issue where a user able to run a Python script through sudo
may be able to gain root access.
IMHO, running any kind of scripting language from sudo is still not safe...
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0151
(* Security fix *)
patches/packages/xpdf-3.01-s390-3.tgz: Recompiled with xpdf-3.01pl2.patch to
fix integer and heap overflows in xpdf triggered by malformed PDF files.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301
(* Security fix *)
+--------------------------+
Fri Dec 16 13:35:00 EST 2005
patches/packages/curl-7.12.2-s390-1.tgz: Patched. This addresses a buffer
overflow in libcurl's NTLM function that could have possible security
implications.
For more details, see:
http://curl.haxx.se/docs/security.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
(* Security fix *)
patches/packages/elm-2.5.8-s390-1.tgz: Upgraded to elm2.5.8.
This fixes a buffer overflow in the parsing of the Expires header that
could be used to execute arbitrary code as the user running Elm.
Thanks to Ulf Harnhammar for finding the bug and reminding me to get
out updated packages to address the issue.
A reference to the original advisory:
http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html
patches/packages/lynx-2.8.5rel.5-s390-1.tgz: Upgraded to lynx-2.8.5rel.5.
Fixes an issue where the handling of Asian characters when using lynx to
connect to an NNTP server (is this a common use?) could result in a buffer
overflow causing the execution of arbitrary code.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3120
(* Security fix *)
patches/packages/mod_ssl-2.8.25_1.3.34-s390-1.tgz:
Upgraded to mod_ssl-2.8.25-1.3.34.
patches/packages/wget-1.10.2-s390-1.tgz: Upgraded to wget-1.10.2.
This addresses a buffer overflow in wget's NTLM handling function that could
have possible security implications.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
(* Security fix *)
+--------------------------+
Fri Dec 16 03:18:00 EST 2005
patches/packages/imapd-4.64-s390-1.tgz: Upgraded to imapd-4.64.
A buffer overflow was reported in the mail_valid_net_parse_work function.
However, this function in the c-client library does not appear to be called
from anywhere in imapd. iDefense states that the issue is of LOW risk to
sites that allow users shell access, and LOW-MODERATE risk to other servers.
I believe it's possible that it is of NIL risk if the function is indeed
dead code to imapd, but draw your own conclusions...
(* Security fix *)
patches/packages/koffice-1.3.1-s390-3.tgz: Patched.
Fixes a buffer overflow in KWord's RTF import discovered by Chris Evans.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2971
(* Security fix *)
patches/packages/openssl-0.9.7d-s390-2.tgz: Patched.
Fixed a vulnerability that could, in rare circumstances, allow an attacker
acting as a "man in the middle" to force a client and a server to negotiate
the SSL 2.0 protocol (which is known to be weak) even if these parties both
support SSL 3.0 or TLS 1.0.
For more details, see:
http://www.openssl.org/news/secadv_20051011.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
(* Security fix *)
patches/packages/openssl-solibs-0.9.7d-s390-2.tgz: Patched.
(* Security fix *)
patches/packages/pine-4.64-s390-1.tgz: Upgraded to pine-4.64.
patches/packages/x11-6.7.0-s390-3.tgz: Patched a pixmap overflow issue.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495
(* Security fix *)
patches/packages/x11-xnest-6.7.0-s390-3.tgz: Patched and rebuilt.
patches/packages/x11-xprt-6.7.0-s390-3.tgz: Patched and rebuilt.
patches/packages/x11-xvfb-6.7.0-s390-3.tgz: Patched and rebuilt.
patches/packages/xine-lib-1.0.3a-s390-1.tgz: Upgraded to xine-lib-1.0.3a.
This fixes a format string bug where an attacker, if able to upload malicious
information to a CDDB server and then get a local user to play a certain
audio CD, may be able to run arbitrary code on the machine as the user
running the xine-lib linked application.
For more information, see:
http://xinehq.de/index.php/security/XSA-2005-1
(* Security fix *)
+--------------------------+
Thu Dec 15 03:14:00 EST 2005
patches/packages/apache-1.3.34-s390-1.tgz: Upgraded to apache-1.3.34.
Fixes this minor security bug: "If a request contains both Transfer-Encoding
and Content-Length headers, remove the Content-Length, mitigating some HTTP
Request Splitting/Spoofing attacks."
(* Security fix *)
patches/packages/dhcpcd-1.3.22pl4-s390-2.tgz: Patched an issue where a
remote attacker can cause dhcpcd to crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
(* Security fix *)
patches/packages/gaim-1.5.0-s390-1.tgz: Upgraded to gaim-1.5.0.
This fixes some more security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370
(* Security fix *)
patches/packages/kdebase-3.2.3-s390-3.tgz: Patched a security bug in
kcheckpass that could allow a local user to gain root privileges.
For more information, see:
http://www.kde.org/info/security/advisory-20050905-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494
(* Security fix *)
patches/packages/mozilla-1.7.12-s390-1.tgz: Upgraded to mozilla-1.7.12.
This fixes several security issues. For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
(* Security fix *)
patches/packages/mozilla-plugins-1.7.12-noarch-1.tgz: Upgraded Java(TM)
symlink for Mozilla.
patches/packages/pcre-6.3-s390-1.tgz: Upgraded to pcre-6.3.
This fixes a buffer overflow that could be triggered by the processing of a
specially crafted regular expression. Theoretically this could be a security
issue if regular expressions are accepted from untrusted users to be
processed by a user with greater privileges, but this doesn't seem like a
common scenario (or, for that matter, a good idea). However, if you are
using an application that links to the shared PCRE library and accepts
outside input in such a manner, you will want to update to this new package.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
(* Security fix *)
patches/packages/php-4.3.11-s390-3.tgz: Relinked with the system PCRE library,
as the builtin library has a buffer overflow that could be triggered by the
processing of a specially crafted regular expression.
Note that this change requires the pcre package to be installed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
(* Security fix *)
Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the
insecure eval() function.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498
(* Security fix *)
patches/packages/util-linux-2.12a-s390-2.tgz: Patched an issue with
umount where if the umount failed when the '-r' option was used, the
filesystem would be remounted read-only but without any extra flags
specified in /etc/fstab. This could allow an ordinary user able to
mount a floppy or CD (but with nosuid, noexec, nodev, etc in
/etc/fstab) to run a setuid binary from removable media and gain
root privileges.
Reported to BugTraq by David Watson:
http://www.securityfocus.com/archive/1/410333
(* Security fix *)
+--------------------------+
Sun Jul 31 23:28:19 EDT 2005
patches/packages/dnsmasq-2.22-s390-1.tgz: Upgraded to dnsmasq-2.22.
This fixes an off-by-one overflow vulnerability may allow a DHCP
client to create a denial of service condition. Additional code was
also added to detect and defeat attempts to poison the DNS cache.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877
(* Security fix *)
patches/packages/fetchmail-6.2.5.2-s390-1.tgz:
Upgraded to fetchmail-6.2.5.2.
This fixes an overflow by which malicious or compromised POP3 servers
may overflow fetchmail's stack.
For more information, see:
http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
(* Security fix *)
patches/packages/gaim-1.3.1-s390-1.tgz: Upgraded to gaim-1.3.1 and
gaim-encryption-2.38. This fixes a couple of remote crash bugs, so
users of the MSN and Yahoo! chat protocols should upgrade to gaim-1.3.1.
(* Security fix *)
patches/packages/gxine-0.4.6-s390-1.tgz: Upgraded to gxine-0.4.6.
This fixes a format string vulnerability that allows remote attackers to
execute arbitrary code via a ram file with a URL whose hostname contains
format string specifiers.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1692
(* Security fix *)
patches/packages/infozip-5.52-s390-1.tgz: Upgraded to unzip552.tar.gz and
zip231.tar.gz. These fix some buffer overruns if deep directory paths are
packed into a Zip archive which could be a security vulnerability (for
example, in a case of automated archiving or backups that use Zip). However,
it also appears that these now use certain assembly instructions that might
not be available on older CPUs, so if you have an older machine you may wish
to take this into account before deciding whether you should upgrade.
(* Security fix *)
patches/packages/kdenetwork-3.2.3-s390-2.tgz: Patched overflows in
libgadu (used by kopete) that can cause a denial of service or
arbitrary code execution.
For more information, see:
http://www.kde.org/info/security/advisory-20050721-1.txt
(* Security fix *)
patches/packages/mozilla-1.7.10-s390-1.tgz: Upgraded to mozilla-1.7.10.
This fixes several security issues. For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
(* Security fix *)
Fixed a folder switching bug.
Thanks to Peter Santoro for pointing out the patch.
patches/packages/mozilla-plugins-1.7.10-noarch-1.tgz: Upgraded Java(TM)
symlink for Mozilla.
patches/packages/ncftp-3.1.9-s390-1.tgz: Upgraded to ncftp-3.1.9.
This corrects a vulnerability where a download from a hostile FTP server
might be written to an unintended location potentially compromising system
security or causing a denial of service.
For more details, see:
http://www.ncftp.com/ncftp/doc/changelog.html#3.1.5
(* Security fix *)
patches/packages/php-4.3.11-s390-2.tgz: Upgraded PEAR XML_RPC class.
This new PHP package fixes a PEAR XML_RPC vulnerability. Sites that use
this PEAR class should upgrade to the new PHP package, or as a minimal
fix may instead upgrade the XML_RPC PEAR class with the following command:
pear upgrade XML_RPC
(* Security fix *)
patches/packages/sudo-1.6.8p9-s390-1.tgz: Upgraded to sudo-1.6.8p9.
This new version of Sudo fixes a race condition in command pathname handling
that could allow a user with Sudo privileges to run arbitrary commands.
For full details, see the Sudo site:
http://www.courtesan.com/sudo/alerts/path_race.html
(* Security fix *)
patches/packages/tcpdump-3.9.3-s390-1.tgz: Upgraded to libpcap-0.9.3 and
tcpdump-3.9.3. This fixes an issue where an invalid BGP packet can
cause tcpdump to go into an infinate loop, effectively disabling network
monitoring.
(* Security fix *)
patches/packages/tcpip-0.17-s390-2.tgz: Patched two overflows in
the telnet client that could allow the execution of arbitrary code
when connected to a malicious telnet server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
(* Security fix *)
patches/packages/xine-lib-1.0.1-s390-1.tgz: Upgraded to xine-lib-1.0.1.
This fixes some bugs in the MMS and Real RTSP streaming client code.
While the odds of this vulnerability being usable to a remote attacker are
low (but see the xine advisory), if you stream media from sites using these
protocols (and you think the sites might be "hostile" and will try to hack
into your xine client), then you might want to upgrade to this new version
of xine-lib. Probably the other fixes and enchancements in xine-lib-1.0.1
are a better rationale to do so, though.
For more details on the xine-lib security issues, see:
http://xinehq.de/index.php/security/XSA-2004-8
(* Security fix *)
patches/packages/xine-ui-0.99.3-s390-1.tgz: Upgraded to xine-ui-0.99.3.
patches/packages/xv-3.10a-s390-2.tgz: Upgraded to the latest XV jumbo
patches, xv-3.10a-jumbo-fix-patch-20050410 and
xv-3.10a-jumbo-enh-patch-20050501. These fix a number of format string
and other possible security issues in addition to providing many other
bugfixes and enhancements.
(Thanks to Greg Roelofs)
(* Security fix *)
patches/packages/zlib-1.2.3-s390-1.tgz: Upgraded to zlib-1.2.3.
This fixes an additional crash not fixed by the patch to zlib-1.2.2.
(* Security fix *)
Patched an overflow in zlib that could cause applications using zlib
to crash. The overflow does not involve user supplied data, and therefore
does not allow the execution of arbitrary code. However, it could still
be used by a remote attacker to create a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
(* Security fix *)
+--------------------------+
Sat Jul 30 14:15:00 EDT 2005
patches/packages/cvs-1.11.20-s390-1.tgz: Upgraded to cvs-1.11.20.
From cvshome.org: "This version fixes many minor security issues in the
CVS server executable including a potentially serious buffer overflow
vulnerability with no known exploit. We recommend this upgrade for all CVS
servers!"
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753
(* Security fix *)
patches/packages/python-2.3.5-s390-1.tgz: Upgraded to python-2.3.5.
From the python.org site: "The Python development team has discovered a flaw
in the SimpleXMLRPCServer library module which can give remote attackers
access to internals of the registered object or its module or possibly other
modules. The flaw only affects Python XML-RPC servers that use the
register_instance() method to register an object without a _dispatch()
method. Servers using only register_function() are not affected."
For more details, see:
http://python.org/security/PSF-2005-001/
(* Security fix *)
patches/packages/python-demo-2.3.5-noarch-1.tgz: Upgraded to python-2.3.5
demos.
patches/packages/python-tools-2.3.5-noarch-1.tgz: Upgraded to python-2.3.5
tools.
+--------------------------+
Sun Apr 10 18:01:07 EDT 2005
patches/packages/php-4.3.11-s390-1.tgz: Upgraded to php-4.3.11.
"This is a maintenance release that in addition to over 70 non-critical bug
fixes addresses several security issues inside the exif and fbsql extensions
as well as the unserialize(), swf_definepoly() and getimagesize() functions."
(* Security fix *)
+--------------------------+
Sat Apr 2 13:18:23 EST 2005
patches/packages/gaim-1.2.0-s390-1.tgz: Upgraded to gaim-1.2.0 and
gaim-encryption-2.36 (compiled against mozilla-1.7.6).
patches/packages/mozilla-1.7.6-s390-1.tgz: Upgraded to mozilla-1.7.6.
Fixes some security issues. Please see mozilla.org for a complete list.
(* Security fix *)
patches/packages/mozilla-plugins-1.7.6-noarch-1.tgz: Adjusted plugin
symlinks for Mozilla 1.7.6.
+--------------------------+
Sun Mar 13 22:44:00 EST 2005
patches/packages/kernel-source-2.4.29-s390-2.tgz: Forward-ported patches
23 and 24 from developerWorks and rebuilt.
patches/packages/kernel-headers-2.4.29-s390-2.tgz: Rebuilt.
patches/packages/kernel-modules-2.4.29-s390-2.tgz: Rebuilt.
patches/packages/kernel-default-2.4.29-s390-2.tgz: Rebuilt.
+--------------------------+
Wed Feb 16 11:48:00 EST 2005
kernels/initrd.gz: Fixed a problem with semicolons in parmfiles not
being parsed properly, and causing errors.
+--------------------------+
Fri Feb 11 13:20:00 EST 2005
Released Slack/390 10.0 stable.
Thanks to everyone who did some testing on this release and
reported the problems they encountered. Some of them weren't
fixed, but should be before 10.1 goes GA. Please read the
release notes to understand what the issues are.
If you wind up using this distribution at your site, I would
be interested in hearing from you as to how it's working
for you. In particular, anything that can be improved or
just plain fixed.
As Pat always says, Have fun! :-)
Mark Post
+--------------------------+
Fri Feb 11 02:10:00 EST 2005
testing/packages/linux-2.6.7/kernel-generic-2.6.7-s390-1.tgz: Added a
generic Linux 2.6.7 kernel. Generic means that it supports almost
everything through modules, but a lot less than usual is built in.
For example, the only built-in filesystems are ext2 & ext3. If you
want something different for your root filesystem, or you need to load
SCSI or other drivers before mounting root, then you'll need to build
an initrd (see the new mkinitrd package). You'll also need to add
a line to your /etc/zipl.conf to load the initrd along with the kernel:
initrd=/boot/initrd.gz
This kernel package includes all the patches from IBM's developerWorks
through linux-2.6.5-s390-12-april2004.tar.gz, forward ported to 2.6.7.
testing/packages/linux-2.6.7/kernel-headers-2.6.7-s390-1.tgz: Added kernel
headers for Linux 2.6.7.
testing/packages/linux-2.6.7/kernel-modules-2.6.7-s390-1.tgz: Added kernel
modules for Linux 2.6.7.
testing/packages/linux-2.6.7/kernel-source-2.6.7-s390-1.tgz: Added kernel
source for Linux 2.6.7.
+--------------------------+
Mon Feb 7 01:38:00 EST 2005
patches/packages/x11-6.7.0-s390-2.tgz: Rebuilt
The XPM library which is part of the XFree86/XOrg project is used by several
GUI applications to process XPM image files, so it seemed like a good idea to
rebuild. For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692
(* Security fix *)
Note that the name of the keyboard driver in the xorg.conf file has
changed from "Keyboard" to "kbd". You'll need to make this change in
order to start X.
patches/packages/x11-devel-6.7.0-s390-2.tgz: Rebuilt
+--------------------------+
Thu Jan 27 19:40:00 EST 2005
patches/packages/kernel-source-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
(* Security fix *)
patches/packages/kernel-headers-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
(* Security fix *)
patches/packages/kernel-default-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
(* Security fix *)
patches/packages/kernel-modules-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
(* Security fix *)
+--------------------------+
Mon Jan 24 22:00:00 EST 2005
patches/packages/a2ps-4.13b-s390-2.tgz: Rebuilt
The GNU a2ps utility fails to properly sanitize filenames,
which can be abused by a malicious user to execute arbitray
commands with the privileges of the user running the vulnerable
application. To know wheter your a2ps package is vulnerable, see
the:
http://www.securityfocus.com/bid/11025
(* Security fix *)
patches/packages/imagemagick-6.1.4_5-s390-1.tgz: Upgraded to imagemagick-6.1.4_5
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0
allows remote attackers to execute arbitrary code via a certain image file.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981
(* Security fix *)
patches/packages/sudo-1.6.8p4-s390-1.tgz: Upgraded to sudo-1.6.8p4.
This fixes a bug that may could permit malicious users with permission to run
a shell script that uses the bash shell to run arbitrary commands. For more
details, see:
http://www.sudo.ws/sudo/alerts/bash_functions.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1051
(* Security fix *)
patches/packages/samba-3.0.9-s390-1.tgz: Upgrade to samba-3.0.9.
A possible buffer overrun in smbd could lead to code execution by a remote
user. For more details, see:
http://samba.cdpa.nsysu.edu.tw/samba/news/#can-2004-0882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882
(* Security fix *)
patches/packages/lvm-1.0.8-s390-2.tgz: Rebuilt
A bug in lvm (1.5 through 2.1) allows local users to overwrite
files via a symlink attack on temporary files.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0972
(* Security fix *)
patches/packages/imlib-1.9.15-s390-1.tgz: Upgraded to imlib-1.9.15
Multiple heap-based buffer overflows in the imlib BMP image handler
allow remote attackers to execute arbitrary code via a crafted BMP file.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817
(* Security fix *)
patches/packages/libxml2-2.6.16-s390-1.tgz: Upgraded to libxml2-2.6.16
Multiple buffer overflows may allow remote attackers to execute
arbitrary code. 2.6.12 and 2.6.13 are affected, it's unsure if older
versions are affected as well, you may want to upgrade to to libxml2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989
(* Security fix *)
patches/packages/nfs-utils-1.0.6-s390-2.tgz: Rebuilt
Statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE
signal, which allows remote attackers to cause a denial of service
(server process crash) via a TCP connection that is prematurely
terminated. More information
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1014
(* Security fix *)
patches/packages/php-4.3.10-s390-1.tgz: Upgraded to php-4.3.10
A theorietical vulnerability exists in older versions of libgd
that could allow a malicious user to upload a specially crafted
image file to exploit an integer overflow.
(* Security fix *)
+--------------------------+
Tue Nov 9 21:31:52 EST 2004
patches/packages/apache-1.3.33-s390-1.tgz: Upgraded to apache-1.3.33.
This fixes one new security issue (the first issue, CAN-2004-0492, was fixed
in apache-1.3.32). The second bug fixed in 1.3.3 (CAN-2004-0940) allows a
local user who can create SSI documents to become "nobody". The amount of
mischief they could cause as nobody seems low at first glance, but it might
allow them to use kill or killall as nobody to try to create a DoS.
Mention PHP's mhash dependency in httpd.conf (thanks to Jakub Jankowski).
(* Security fix *)
patches/packages/libtiff-3.7.0-s390-1.tgz: Upgraded to libtiff-3.7.0.
This fixes several bugs that could lead to crashes, or could possibly allow
arbitrary code to be executed. For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
(* Security fix *)
patches/packages/mod_ssl-2.8.22_1.3.33-s390-1.tgz: Upgraded to
mod_ssl-2.8.22_1.3.33.
+--------------------------+
Thu Oct 28 22:03:51 EDT 2004
patches/packages/apache-1.3.32-s390-1.tgz: Upgraded to apache-1.3.32.
This addresses a heap-based buffer overflow in mod_proxy by rejecting
responses from a remote server with a negative Content-Length. The
flaw could crash the Apache child process, or possibly allow code to
be executed as the Apache user (but only if mod_proxy is actually in
use on the server).
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
(* Security fix *)
patches/packages/mod_ssl-2.8.21_1.3.32-s390-1.tgz:
Upgraded to mod_ssl-2.8.21-1.3.32.
Don't allow clients to bypass cipher requirements, possibly negotiating
a connection that the server does not consider secure enough.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
(* Security fix *)
patches/packages/php-4.3.9-s390-1.tgz: Upgraded to php-4.3.9.
+--------------------------+
Sun Oct 24 00:43:25 EDT 2004
patches/packages/gaim-1.0.2-s390-1.tgz: Upgraded to gaim-1.0.2
and gaim-encryption-2.32. A buffer overflow in the MSN protocol
handler for GAIM 0.79 to 1.0.1 allows remote attackers to cause
a denial of service (application crash) and may allow the
execution of arbitrary code.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
(* Security fix *)
+--------------------------+
Thu Oct 21 22:22:09 EDT 2004
a, ap, k: Updated the maketag, maketag.ez, and tagfiles to reflect the
package names that are different for Slack/390.
+--------------------------+
Wed Oct 13 14:56:33 EDT 2004
patches/packages/rsync-2.6.3-s390-1.tgz: Upgraded to rsync-2.6.3.
From the rsync NEWS file:
A bug in the sanitize_path routine (which affects a non-chrooted
rsync daemon) could allow a user to craft a pathname that would get
transformed into an absolute path for certain options (but not for
file-transfer names). If you're running an rsync daemon with chroot
disabled, *please upgrade*, ESPECIALLY if the user privs you run
rsync under is anything above "nobody".
Note that rsync, in daemon mode, sets the "use chroot" to true by
default, and (in this default mode) is not vulnerable to this issue.
I would strongly recommend against setting "use chroot" to false
even if you've upgraded to this new package.
(* Security fix *)
+--------------------------+
Mon Oct 4 16:27:18 EDT 2004
patches/packages/getmail-4.2.0-s390-1.tgz: Upgraded to
getmaii-4.2.0. Earlier versions contained a local security flaw
when used in an insecure fashion (surprise, running something as
root that writes to user-controlled files or directories could
allow the old symlink attack to clobber system files! :-)
From the getmail CHANGELOG:
This vulnerability is not exploitable if the administrator does
not deliver mail to the maildirs/mbox files of untrusted local
users, or if getmail is configured to use an external
unprivileged MDA. This vulnerability is not remotely exploitable.
Most users would not use getmail in such as way as to be vulnerable
to this flaw, but if your site does this package closes the hole.
I'd also recommend not using getmail like this. Either run it as the
user that owns the target mailbox, or deliver through an external MDA.
(* Security fix *)
patches/packages/zlib-1.2.2-s390-1.tgz: Upgraded to zlib-1.2.2.
This fixes a possible DoS in earlier versions of zlib-1.2.x.
(* Security fix *)
+--------------------------+
Sat Sep 25 00:53:44 EDT 2004
kernels/initrd.gz: Corrected the "welcome message" in /etc/issue. Copied
/etc/issue to /etc/issue.net to that people using telnet instead of SSH
will see the message. Renamed /etc/securetty to /etc/securetty.hold so
that people using telnet won't be prompted for a password for root when
starting the install proces.
+--------------------------+
Tue Sep 21 01:44:00 EDT 2004
patches/packages/cups-1.1.21-s390-1.tgz: Upgraded to cups-1.1.21.
This fixes a flaw where a remote attacker can crash the CUPS
server causing a denial of service.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
(* Security fix *)
patches/packages/gtk+2-2.4.10-s390-1.tgz: Upgraded to gtk+-2.4.10.
This fixes security issues in the image loader routines that can
crash applications.
(* Security fix *)
patches/packages/mozilla-1.7.3-s390-1.tgz: Upgraded to mozilla-1.7.3.
The Mozilla page says this fixes some "minor security holes".
It also breaks Galeon and Epiphany, and new versions of these have
still not appeared. In light of this, I think it's time to remove
these Gecko-based browsers. The future is going to be Firefox and
Thunderbird anyway, and I don't believe Galeon and Epiphany can be
compiled against Firefox's libraries.
(* Security fix *)
patches/packages/mozilla-plugins-1.7.3-noarch-1.tgz: Changed plugin
symlinks for Mozilla 1.7.3.
patches/packages/xine-lib-1rc6a-s390-1.tgz: Upgraded to xine-lib-1-rc6a.
This release fixes a few overflows that could have security implications.
(* Security fix *)
+--------------------------+
Sun Sep 19 14:15:46 EDT 2004
extra/kernel-default-2.4.21/kernel-default-2.4.21-s390-2.tgz: Rebuilt
the kernel from the new kernel source.
extra/kernel-headers-2.4.21/kernel-headers-2.4.21-s390-2.tgz: Rebuilt
the kernel from the new kernel source.
extra/kernel-modules-2.4.21/kernel-modules-2.4.21-s390-2.tgz: Rebuilt
the kernel from the new kernel source.
extra/kernel-source-2.4.21/kernel-source-2.4.21-s390-2.tgz: Applied the
latest IBM patches from developerWorks to the kernel source . We're
now up to the -16 level of the "June 2003 Stream."
+--------------------------+
Sun Sep 19 01:34:06 EDT 2004
a/kernel-default-2.4.26-s390-2.tgz: Rebuilt the kernel from the new kernel
source.
a/kernel-modules-2.4.26-s390-2.tgz: Rebuilt the kernel modules from the new
kernel source.
d/kernel-headers-2.4.26-s390-2.tgz: Rebuilt the kernel headers from the new
kernel source.
k/kernel-source-2.4.26-s390-2.tgz: Applied the latest IBM patches from
developerWorks to the kernel source (forward ported from 2.4.21). We're
now up to the -16 level of the "June 2003 Stream."
extra/cpint-1.1.6/cpint-1.1.6_2.4.26-s390-2.tgz: Rebuilt using the new
kernel source.
+--------------------------+
Sat Sep 18 13:52:22 EDT 2004
x/*: Finally got the x11 packages to build properly, so I followed
Pat's direction and switched to X11R6.7.0 from X.Org. Instead of
moving XFree86 to unsupported, though, I moved it to /pasture for
this version only. I tested various X applications, and they all
seemed to work without having to recompile. If anyone runs into
a case where they think a recompile will help, please let me know.
extra/kernel-default-2.4.21/kernel-default-2.4.21-s390-1.tgz: Moved to /extra
because a number of people were installing both, instead of just one. Since
I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/kernel-headers-2.4.21/kernel-headers-2.4.21-s390-1.tgz: Moved to /extra
because a number of people were installing both, instead of just one. Since
I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/kernel-modules-2.4.21/kernel-modules-2.4.21-s390-1.tgz: Moved to /extra
because a number of people were installing both, instead of just one. Since
I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/kernel-source-2.4.21/kernel-source-2.4.21-s390-1.tgz: Moved to /extra
because a number of people were installing both, instead of just one. Since
I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/source/kde: Removed the entire arts directory, since it was a duplicate
of the one in source/kde/arts.
+--------------------------+
Tue Sep 14 13:04:28 EDT 2004
patches/packages/samba-3.0.5-s390-2.tgz: Patched two Denial of Service
vulnerabilities in samba-3.0.5.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808
(* Security fix *)
+--------------------------+
Sat Sep 11 18:59:48 EDT 2004
d/gcc-3.3.4-s390-2.tgz: Recompiled with a patch that will allow 2.6
kernel modules to be built on S/390.
patches/packages/proftpd-1.2.10-s390-1.tgz: Upgraded to proftpd-1.2.10.
extra/kde-3.2.3/kdebase-3.2.3-s390-2.tgz: Patched frame injection
vulnerability in Konqueror. For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
(* Security fix *)
extra/kde-3.2.3/kdelibs-3.2.3-s390-2.tgz: Patched unsafe temporary directory
usage, cross-domain cookie injection vulnerability for certain country
specific domains, and frame injection vulnerability in Konqueror.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746
(* Security fix *)
+--------------------------+
Tue Sep 7 23:47:15 EDT 2004
patches/packages/glibc-2.3.2-s390-2.tgz: Recompiled using 'strip -g' rather
than 'strip --strip-unneeded' to avoid stripping symbols that are needed for
debugging threads. Thanks to those who reported this bug, especially
Ricardo Nabinger Sanchez who sent in a sample thread program that made
it easy to test for the problem (and confirm the fix worked).
patches/packages/glibc-solibs-2.3.2-s390-2.tgz: Recompiled using 'strip -g'.
patches/packages/kdebase-3.2.1-s390-3.tgz: Patched frame injection
vulnerability in Konqueror. For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
(* Security fix *)
patches/packages/kdelibs-3.2.1-s390-2.tgz: Patched unsafe temporary directory
usage, cross-domain cookie injection vulnerability for certain country
specific domains, and frame injection vulnerability in Konqueror.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746
(* Security fix *)
+--------------------------+
Fri Aug 27 16:03:02 EDT 2004
patches/packages/gaim-0.82.1-s390-1.tgz:
Upgraded to gaim-0.82.1 and gaim-encryption-2.30.
Fixes several security issues:
Content-length DOS (malloc error) (no CAN ID on this one)
MSN strncpy buffer overflow (CAN-2004-0500)
Groupware message receive integer overflow (CAN-2004-0754)
Smiley theme installation lack of escaping (CAN-2004-0784)
RTF message buffer overflow, Local hostname resolution buffer overflow,
URL decode buffer overflow (these 3 are CAN-2004-0785)
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0785
(* Security fix *)
+--------------------------+
Tue Aug 24 17:01:29 EDT 2004
patches/packages/qt-3.3.3-s390-1.tgz: Upgraded to qt-3.3.3.
This fixes bugs in the image loading routines which could be
used by an attacker to run unauthorized code or create a
denial-of-service.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0693
(* Security fix *)
+--------------------------+
Wed Aug 11 00:09:13 EDT 2004
patches/packages/epiphany-1.2.7-s390-1.tgz: Upgraded to epiphany-1.2.7.
(compiled against Mozilla 1.7.2)
patches/packages/gaim-0.81-s390-1.tgz: Upgraded to gaim-0.81.
(compiled against Mozilla 1.7.2)
patches/packages/galeon-1.3.17-s390-1.tgz: Upgraded to galeon-1.3.17.
(compiled against Mozilla 1.7.2)
patches/packages/mozilla-1.7.2-s390-1.tgz: Upgraded to Mozilla 1.7.2. This
fixes three security vulnerabilities. For details, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2
(* Security fix *)
patches/packages/mozilla-plugins-1.7.2-noarch-1.tgz: Changed plugin symlinks
for Mozilla 1.7.2.
+--------------------------+
Sun Aug 8 20:42:58 EDT 2004
patches/packages/sox-12.17.4-s390-2.tgz: Patched buffer overflows
that could allow a malicious WAV file to execute arbitrary code.
(* Security fix *)
patches/packages/imagemagick-6.0.4_3-s390-1.tgz: Upgraded to
ImageMagick-6.0.4-3. Fixes PNG security issues.
(* Security fix *)
patches/packages/libpng-1.2.5-s390-2.tgz: Patched possible security
issues including buffer and integer overflows and null pointer
references. These issues could cause program crashes, or possibly
allow arbitrary code embedded in a malicious PNG image to execute.
The PNG library is widely used within the system, so all sites
should upgrade to the new libpng package.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
(* Security fix *)
+--------------------------+
Thu Aug 5 17:49:06 EDT 2004
kde/kdeaccessibility-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeaddons-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeadmin-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeartwork-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdebase-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdebindings-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeedu-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdegames-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdegraphics-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdelibs-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdemultimedia-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdenetwork-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdepim-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdesdk-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdetoys-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeutils-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdevelop-3.0.2-s390-2.tgz: Rebuilt using the correct version of qt
kde/koffice-1.3.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/quanta-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
source/kde: Added the source packages and prototypes that corresponds to KDE 3.2.1
extra/source/kde: Moved the source that corresponds to KDE 3.2.3 to /extra/source/
+--------------------------+
Mon Jul 26 12:04:25 EDT 2004
patches/packages/mod_ssl-2.8.19_1.3.31-s390-1.tgz:
Upgraded to mod_ssl-2.8.19-1.3.31.
This fixes a security hole (ssl_log() related format string
vulnerability in mod_proxy hook functions), so sites using mod_ssl
should upgrade to the new version. Be sure to back up your existing
key files first.
(* Security fix *)
patches/packages/samba-3.0.5-s390-1.tgz: Upgraded to samba-3.0.5.
This fixes a buffer overflow in SWAT and another in the code supporting
the 'mangling method = hash' smb.conf option (which is not the default).
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686
(* Security fix *)
+--------------------------+
Fri Jul 23 22:27:22 EDT 2004
kernels/initrd.gz: Modified the kernel installation script, and the
swapfile configuration scripts. Fixed the /bin/filesize script
so that it now returns the file size, and not the month.
+--------------------------+
Wed Jul 21 15:06:51 EDT 2004
patches/packages/php-4.3.8-s390-1.tgz: Upgraded to php-4.3.8.
This release fixes two security problems in PHP (memory_limit handling and
a problem in the strip_tags function). Sites using PHP should upgrade.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
(* Security fix *)
+--------------------------+
Mon Jul 12 15:52:33 EDT 2004
extra/regina/regina-3.3-s390-1.tgz: Added regina 3.3
extra/the/the-3.1-s390-1.tgz: Added THE 3.1
+--------------------------+
Fri Jul 9 12:42:18 EDT 2004
patches/packages/vim-6.3.007-s390-1.tgz: Upgraded to patchlevel 007.
patches/packages/xvim-6.3.007-s390-1.tgz: Upgraded to patchlevel 007.
+--------------------------+
Tue Jul 6 20:20:00 EDT 2004
a/kernel-modules-2.4.21-s390-1.tgz
patches/packages/gaim-0.79-s390-1.tgz
+--------------------------+
Tue Jul 6 02:20:00 EDT 2004
d/kernel-headers-2.4.21-s390-1.tgz
k/kernel-source-2.4.21-s390-1.tgz
+--------------------------+
Fri Jul 4 19:20:00 EDT 2004
d/doxygen-1.3.7-s390-1.tgz
+--------------------------+
Thu Jul 1 20:45:00 EDT 2004
a/shadow-4.0.3-s390-1.tgz
d/gdb-6.1.1-s390-1.tgz
gnome/epiphany-1.2.6-s390-1.tgz
gnome/epiphany-extensions-0.9.1-s390-1.tgz
gnome/gail-1.6.6-s390-1.tgz
gnome/galeon-1.3.15-s390-1.tgz: Patched and compiled for Mozilla 1.7.
Thanks very much to Philip Langdale for the patch (which made it possible
to squeeze Mozilla 1.7 into this Slackware release at the last minute).
gnome/gconf-2.6.2-s390-1.tgz
gnome/gconf-editor-2.6.2-s390-1.tgz
gnome/gdm-2.6.0.3-s390-1.tgz
gnome/gnome-desktop-2.6.2-s390-1.tgz
gnome/gnome-panel-2.6.2-s390-1.tgz
gnome/gnome-session-2.6.2-s390-1.tgz
gnome/gnome-speech-0.3.3-s390-1.tgz
gnome/gnome-themes-2.6.2-s390-1.tgz
gnome/gnopernicus-0.9.5-s390-1.tgz
gnome/gpdf-0.132-s390-1.tgz
gnome/gstreamer-0.8.3-s390-1.tgz
gnome/libgtkhtml-2.6.2-s390-1.tgz
gnome/libwnck-2.6.2-s390-1.tgz
l/sdl-1.2.7-s390-1.tgz
n/iptables-1.2.10-s390-1.tgz
xap/gaim-0.78-s390-1.tgz: Compiled against Mozilla 1.7 libraries.
Added gaim-encryption plugin (suggested by Chris Lumens and Eric Hameleers).
xap/gnuchess-4.0.pl80-s390-1.tgz
xap/mozilla-1.7-s390-1.tgz
+--------------------------+
Thu Jul 1 02:10:00 EDT 2004
a/kernel-default-2.4.26-s390-1.tgz
a/kernel-modules-2.4.26-s390-1.tgz: Load quota_v2 from rc.modules if
quota options are seen in /etc/fstab.
a/mkinitrd-1.0.1-s390-1.tgz
ap/quota-3.12-s390-1.tgz
l/ncurses-5.4-s390-1.tgz
n/lftp-3.0.6-s390-1.tgz
n/nfs-utils-1.0.6-s390-1.tgz
n/pidentd-3.0.18-s390-1.tgz
n/tcpip-0.17-s390-1.tgz
n/whois-4.6.16-s390-1.tgz
n/wireless-tools-26-s390-1.tgz
xap/gkrellm-2.2.1-s390-1.tgz
extra/bash-completion/bash-completion-20040526-s390-1.tgz
extra/k3b/k3b-0.11.11-s390-1.tgz
extra/kfiresaver3d/kfiresaver3d-0.6-s390-1.tgz
extra/slacktrack/slacktrack-1.21-s390-1.tgz
pasture/pcnfsd-93.02.16-s390-1.tgz
+--------------------------+
Wed Jun 30 01:09:56 EDT 2004
a/hotplug-2004_01_05-s390-1
l/libtiff-3.6.1-s390-1
n/bitchx-1.1-s390-1
n/inetd-1.79s-s390-1
xap/gimp-2.0.2-s390-1
+--------------------------+
Tue Jun 29 02:24:20 EDT 2004
a/aaa_base-10.0.0-s390-1
a/cxxlibs-5.0.6-s390-1
a/aaa_elflibs-9.2.0-s390-1.tgz
a/udev-026-s390-1
ap/most-4.9.5-s390-1
d/gcc-3.3.4-s390-1
d/gcc-g++-3.3.4-s390-1
d/gcc-g77-3.3.4-s390-1
d/gcc-gnat-3.3.4-s390-1
d/gcc-java-3.3.4-s390-1
d/gcc-objc-3.3.4-s390-1
d/m4-1.4.1-s390-1
+--------------------------+
Mon Jun 27 02:55:00 EDT 2004
kde/kdeaddons-3.2.3-s390-1
kde/kdebindings-3.2.3-s390-1
kde/kdepim-3.2.3-s390-1
kde/koffice-1.3.1-s390-1
kde/quanta-3.2.3-s390-1
l/gtk+2-2.4.3-s390-1
+--------------------------+
Sun Jun 26 14:10:00 EDT 2004
kde/kdevelop-3.0.4-s390-1
+--------------------------+
Sat Jun 26 02:25:00 EDT 2004
kde/kdeaccessibility-3.2.3-s390-1
kde/kdeadmin-3.2.3-s390-1
kde/kdeartwork-3.2.3-s390-1
kde/kdeedu-3.2.3-s390-1
kde/kdegames-3.2.3-s390-1
kde/kdegraphics-3.2.3-s390-1
kde/kdemultimedia-3.2.3-s390-1
kde/kdenetwork-3.2.3-s390-1
kde/kdesdk-3.2.3-s390-1
kde/kdetoys-3.2.3-s390-1
+--------------------------+
Fri Jun 25 01:30:00 EDT 2004
l/arts-1.2.3-s390-1
kde/kdebase-3.2.3-s390-1
kde/kdelibs-3.2.3-s390-1
kde/kdeutils-3.2.3-s390-1
kde/qt-3.3.2-s390-1
+--------------------------+
Wed Jun 23 22:10:00 EDT 2004
a/sysvinit-2.84-s390-1
ap/cdrdao-1.1.9-s390-1
ap/vim-6.3.004-s390-1
d/cvs-1.11.17-s390-1
d/strace-4.5.4-s390-1
gnome/gcalctool-4.4.8-s390-1
gnome/gnome-icon-theme-1.2.3-noarch-1
gnome/nautilus-2.6.3-s390-1
gnome/totem-0.99.12-s390-1
l/zlib-1.2.1.1-s390-1
n/elm-2.5.7-s390-1
n/proftpd-1.2.9-s390-1
xap/imagemagick-6.0.2_7-s390-1
xap/xchat-2.0.9-s390-1
xap/xine-lib-1rc4a-s390-1
xap/xvim-6.3.004-s390-1
+--------------------------+
Caught up to Pat's upload dated Mon Jun 7 00:56:25 PDT 2004
|
|
|
