Posted by: mRgOBLIN
Wed Oct 13 23:25:14 2004
Security Updates -- Rsync
New rsync 2.6.3 packages are available for Slackware 8.1, 9.0, 9.1,
10.0, and -current to a fix security issue when rsync is run as
a non-chrooted server.
From the rsync NEWS file:
A bug in the sanitize_path routine (which affects a non-chrooted
rsync daemon) could allow a user to craft a pathname that would get
transformed into an absolute path for certain options (but not for
file-transfer names). If you're running an rsync daemon with chroot
disabled, *please upgrade*, ESPECIALLY if the user privs you run
rsync under is anything above "nobody".
Read the Official Advisory here
mRgOBLIN
Posted by: mRgOBLIN
Tue Oct 5 03:46:36 2004
Security Updates -- Getmail and Zlib DoS
New getmail packages are available for Slackware 9.1, 10.0 and -current to
fix a security issue. If getmail is used as root to deliver to user owned
files or directories, it can be made to overwrite system files.
Official Advisory is here
New zlib packages are available for Slackware 10.0 and -current to
fix a possible denial of service security issue.
Official Advisory is here
mRgOBLIN
Posted by: mRgOBLIN
Thu Sep 23 00:50:29 2004
Security Updates -- Cups, GTK+, Mozilla and xine-lib
Several security updates have been released.
New Cups packages are available for Slackware 9.1, 10.0, and -current to
fix a denial of service issue where a malformed packet can crash the
CUPS server.
New GTK+, Mozilla and xine-lib packages are available for Slackware 10.0 and -current to fix various security issues.
For full details please read the Official Advisories here
mRgOBLIN
Posted by: mRgOBLIN
Wed Sep 15 01:29:46 2004
Security Updates -- Samba DoS
New samba packages are available for Slackware 10.0 and -current.
These fix two denial of service vulnerabilities reported by
iDEFENSE. Slackware -current has been upgraded to samba-3.0.7,
while the samba-3.0.5 included with Slackware 10.0 has been
patched to fix these issues. Sites running Samba 3.x should
upgrade to the new package. Versions of Samba before 3.0.x are
not affected by these flaws.
Read the Official Advisory here
mRgOBLIN
Posted by: mRgOBLIN
Tue Sep 14 01:52:45 2004
Slackware.com -- New Package Browser.
For some time now the Package Browser at Slackware.com has not be working...
This is no longer the case and we now have a shiny new Package Browser to use courtesy of Andreas Liebschner. I talked to Andreas via email to get some background and info on both PB and himself. The story goes like this...
Read More
mRgOBLIN
Posted by: mRgOBLIN
Sat Sep 4 08:45:31 2004
Security Updates -- kdelibs and kdebase
New kdelibs and kdebase packages are available for Slackware 9.1, 10.0,
and -current to fix security issues.
Read the official advisory here
mRgOBLIN
Posted by: mRgOBLIN
Sat Sep 4 08:43:03 2004
Tuxs.org -- A week with Slax Linux
tuxs.org have an article written by Barney Matthews detailing his experience with Slax Linux.
A bit about Slax before "the challenge"
Before I get on to my challenge, let me tell you a bit about Slax first. Slax is a Slackware based 185 MB bootable Linux CD. It includes: Kernel 2.4.8, KDE 3.3.0, Koffice 1.3.2, KDE Games, Mplayer, Kplayer, Midnight Commander, Rdesktop, K3b and also the Fluxbox desktop. Slax is the work of Tomas Matejicek, has very nice website and an active forum.
Read the article here
mRgOBLIN
Posted by: mRgOBLIN
Sat Aug 28 01:53:48 2004
Security Updates -- Gaim updated
A couple of bugs were found in the gaim 0.82 release, and gaim-0.82.1
was released to fix them. In addition, gaim-encryption-2.29 did not
work with gaim-0.82 due to changes in the header files, so the
gaim-encryption plugin has also been updated to gaim-encryption-2.30.
Read the official Advisory here
mRgOBLIN
Posted by: mRgOBLIN
Fri Aug 27 08:35:18 2004
Security Updates -- Gaim
New gaim packages are available for Slackware 9.1, 10.0 and -current to
fix several security issues. Sites that use GAIM should upgrade to the
new version.
Read the official advisory here
mRgOBLIN
Posted by: mRgOBLIN
Tue Aug 24 04:06:03 2004
Security Updates -- QT
New Qt packages are available for Slackware 9.0, 9.1, 10.0, and -current to
fix security issues. Bugs in the routines that handle PNG, BMP, GIF, and
JPEG images may allow an attacker to cause unauthorized code to execute when
a specially crafted image file is processed. These flaws may also cause
crashes that lead to a denial of service.
Read the official advisory here
mRgOBLIN
Posted by: mRgOBLIN
Wed Aug 18 00:15:37 2004
Linux Gazette -- Q & A: The difference between hard and soft links
Lew Pitcher has written a very good article for the Linux Gazette explaining all you need to know about hard and soft links.
Q: Can someone give me a simple explanation of the difference between a soft link and a hard link? The documentation I've read mention these links but make no strong explanations of their meaning and how/when to use them. Thanks!
A: OK, I'll give it a try...
Read the article here
mRgOBLIN
Posted by: mRgOBLIN
Wed Aug 11 07:54:58 2004
Security Updates -- libpng, mozilla, sox and imagemagic.
Several security updates for Slackware 8.1, 9.0, 9.1 and 10 have been released over the last few days fixing vulnerabilities in libpng, mozilla, sox and imagemagic(libpng related).
A full list of security updates can be found here
mRgOBLIN