Slacknews.org

[slackware-security] bind (SSA:2011-224-01)

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/bind-9.7.4-i486-1_slack13.37.txz: Upgraded.
This BIND update addresses a couple of security issues:
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R5-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R5-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R5-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R5-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R5-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R5-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R5-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R5-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.4-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.4-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.4-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.4-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 8.1 package:
dc89ecedef601f734fd45daa5bdcd7d9 bind-9.4_ESV_R5-i386-1_slack8.1.tgz

Slackware 9.0 package:
d3bfca586ce41793538cec589ec5e885 bind-9.4_ESV_R5-i386-1_slack9.0.tgz

Slackware 9.1 package:
f515e3b8a2b22e1ba39735951f384bfe bind-9.4_ESV_R5-i486-1_slack9.1.tgz

Slackware 10.0 package:
baefa4932cef962cd911dc4d963f014e bind-9.4_ESV_R5-i486-1_slack10.0.tgz

Slackware 10.1 package:
8dabc6e5022b1135a9ba8a0aca654233 bind-9.4_ESV_R5-i486-1_slack10.1.tgz

Slackware 10.2 package:
b956f174f5804d04afe9f922e6dce047 bind-9.4_ESV_R5-i486-1_slack10.2.tgz

Slackware 11.0 package:
71b7dea3e090840d319ee14bae47066e bind-9.4_ESV_R5-i486-1_slack11.0.tgz

Slackware 12.0 package:
a62f276534e0528ff72e619fd6693a9c bind-9.4_ESV_R5-i486-1_slack12.0.tgz

Slackware 12.1 package:
2687b1d88aa9098f8c2f17b0a2305922 bind-9.4_ESV_R5-i486-1_slack12.1.tgz

Slackware 12.2 package:
400f63e3904f17878ffcfb708dc2441e bind-9.4_ESV_R5-i486-1_slack12.2.tgz

Slackware 13.0 package:
09ef7f2dc543effe1c6867403f577c31 bind-9.4_ESV_R5-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
54a40e83d4fbdc6ad5cb6a6f675c32a5 bind-9.4_ESV_R5-x86_64-1_slack13.0.txz

Slackware 13.1 package:
892a69decaf20b0fdbb3c26e350f4091 bind-9.4_ESV_R5-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
c0455392827bbab32f2f61efad86d306 bind-9.4_ESV_R5-x86_64-1_slack13.1.txz

Slackware 13.37 package:
dd9c61c7937d6962644f3ab3b6827e9c bind-9.7.4-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
5b1a647dbb9650dfcaf60e17c9de5c6b bind-9.7.4-x86_64-1_slack13.37.txz

Slackware -current package:
8de3690d50448e07641ab56781809fb3 n/bind-9.7.4-i486-1.txz

Slackware x86_64 -current package:
052dc19a356df332d355581aa1d798f6 n/bind-9.7.4-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg bind-9.7.4-i486-1_slack13.37.txz

Then, restart the name server:

# /etc/rc.d/rc.bind restart

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] samba (SSA:2011-210-03)

New samba packages are available for Slackware 13.1, 13.37, and -current to
fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/samba-3.5.10-i486-1_slack13.37.txz: Upgraded.
Fixed cross-site request forgery and cross-site scripting vulnerability
in SWAT (the Samba Web Administration Tool).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/samba-3.5.10-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/samba-3.5.10-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/samba-3.5.10-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/samba-3.5.10-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-3.5.10-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-3.5.10-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.1 package:
9dd8c9e4a6881ea5b82cf8e3d59e0256 samba-3.5.10-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
a9364edef99d026831b38757de582109 samba-3.5.10-x86_64-1_slack13.1.txz

Slackware 13.37 package:
9139d218c171399faf99c23f70ac755d samba-3.5.10-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
5e5757633918950d795280efb7a88d08 samba-3.5.10-x86_64-1_slack13.37.txz

Slackware -current package:
0e347b1e1648bcc94582392e573da4a4 samba-3.5.10-i486-1.txz

Slackware x86_64 -current package:
0c6a7ddf8633a1f3087b10397bea9abe samba-3.5.10-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg samba-3.5.10-i486-1_slack13.37.txz

Then, if Samba is running restart it:

# /etc/rc.d/rc.samba restart

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] dhcpcd (SSA:2011-210-02)

New dhcpcd packages are available for Slackware 13.0, 13.1, 13.37,
and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/dhcpcd-5.2.12-i486-1_slack13.37.txz: Upgraded.
Sanitize the host name provided by the DHCP server to insure that it does
not contain any shell metacharacters.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/dhcpcd-3.2.3-i486-2_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/dhcpcd-3.2.3-x86_64-2_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/dhcpcd-5.2.12-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/dhcpcd-5.2.12-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/dhcpcd-5.2.12-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/dhcpcd-5.2.12-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dhcpcd-5.2.12-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/dhcpcd-5.2.12-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.0 package:
1029af8f686830f358e053ca2406b9a6 dhcpcd-3.2.3-i486-2_slack13.0.txz

Slackware x86_64 13.0 package:
5615c7feb96339495bf628ea248a6b76 dhcpcd-3.2.3-x86_64-2_slack13.0.txz

Slackware 13.1 package:
23211c76d60f18f568a44f76c6cbc2dc dhcpcd-5.2.12-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
2b186bb623ee30926e54e11c5017ec14 dhcpcd-5.2.12-x86_64-1_slack13.1.txz

Slackware 13.37 package:
9b669fe2c0f4cd3267aad81a28e8302c dhcpcd-5.2.12-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
77564e0ba2daaa5066acd44cd33e8f40 dhcpcd-5.2.12-x86_64-1_slack13.37.txz

Slackware -current package:
8700b8a222d2cbc3564cd9d25b551ac1 dhcpcd-5.2.12-i486-1.txz

Slackware x86_64 -current package:
1d96860005547b5edfc55a4d79fb44cd dhcpcd-5.2.12-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg dhcpcd-5.2.12-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] libpng (SSA:2011-210-01)

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current
to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/libpng-1.4.8-i486-1_slack13.37.txz: Upgraded.
Fixed uninitialized memory read in png_format_buffer()
(Bug report by Frank Busse, related to CVE-2004-0421).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/libpng-1.2.46-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/libpng-1.2.46-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/libpng-1.2.46-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/libpng-1.2.46-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/libpng-1.2.46-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/libpng-1.2.46-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/libpng-1.2.46-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/libpng-1.2.46-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/libpng-1.2.46-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/libpng-1.2.46-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libpng-1.2.46-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libpng-1.2.46-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libpng-1.4.8-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/libpng-1.4.8-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/libpng-1.4.8-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/libpng-1.4.8-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpng-1.4.8-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libpng-1.4.8-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 8.1 package:
ad0f8dc2b0b9269c342a0d61bd007c5e libpng-1.2.46-i386-1_slack8.1.tgz

Slackware 9.0 package:
365bea389c02fdc3b920b36b1f5f5a4d libpng-1.2.46-i386-1_slack9.0.tgz

Slackware 9.1 package:
b96cf4fb882decd82bba233b615df3ba libpng-1.2.46-i486-1_slack9.1.tgz

Slackware 10.0 package:
64b11f971f7379ed0af5dc766daf2dd4 libpng-1.2.46-i486-1_slack10.0.tgz

Slackware 10.1 package:
13927173b5ecc4a33a0290363e4e53cd libpng-1.2.46-i486-1_slack10.1.tgz

Slackware 10.2 package:
b32cb1ee9694579a42e47128323b0412 libpng-1.2.46-i486-1_slack10.2.tgz

Slackware 11.0 package:
bc0efc812d8b1a52bb5c480a5b2f9200 libpng-1.2.46-i486-1_slack11.0.tgz

Slackware 12.0 package:
c4fb87f7ecf7aebcd380765d25d0f751 libpng-1.2.46-i486-1_slack12.0.tgz

Slackware 12.1 package:
8f1d8ec6a325c95725b3740dbd41c311 libpng-1.2.46-i486-1_slack12.1.tgz

Slackware 12.2 package:
c846762291145276057dad5c58bb2f89 libpng-1.2.46-i486-1_slack12.2.tgz

Slackware 13.0 package:
e0bc86aa7eeed92f8f8734efa0b54483 libpng-1.2.46-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
3d2a8eb7474420519c947f666635ece8 libpng-1.2.46-x86_64-1_slack13.0.txz

Slackware 13.1 package:
406d411805cf2f99c567c97f53bce69b libpng-1.4.8-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
972fb84c00c4a0d7ab9134f6e65c657f libpng-1.4.8-x86_64-1_slack13.1.txz

Slackware 13.37 package:
a323c2d1ff04054ec8423710200c7682 libpng-1.4.8-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
a56d0776e600625505cc12e6853c50cc libpng-1.4.8-x86_64-1_slack13.37.txz

Slackware -current package:
ebf0f61c96738b840afa104e6ed3a71f libpng-1.4.8-i486-1.txz

Slackware x86_64 -current package:
c3ea775b59fde83c9e65a1d9648945c9 libpng-1.4.8-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the packages as root:
# upgradepkg libpng-1.4.8-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] seamonkey (SSA:2011-195-01)

New seamonkey packages are available for Slackware 13.37, and -current to
fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/seamonkey-2.2-i486-1_slack13.37.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
patches/packages/seamonkey-solibs-2.2-i486-1_slack13.37.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/seamonkey-2.2-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/seamonkey-solibs-2.2-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/seamonkey-2.2-x86_64-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/seamonkey-solibs-2.2-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/seamonkey-solibs-2.2-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/seamonkey-2.2-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/seamonkey-solibs-2.2-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/seamonkey-2.2-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.37 package:
b96aff564252e24662cd833df957587c seamonkey-2.2-i486-1_slack13.37.txz
e5aca9eec859b12b97047d87e80d8d72 seamonkey-solibs-2.2-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
49178faed12f0f3a190ad342021bc87d seamonkey-2.2-x86_64-1_slack13.37.txz
403b14137c521f8d385d11f252eaa100 seamonkey-solibs-2.2-x86_64-1_slack13.37.txz

Slackware -current package:
fc1987372842b610cc7f5cb0f280b65f l/seamonkey-solibs-2.2-i486-1.txz
71e14c6f70f1869a044021e4f2a03768 xap/seamonkey-2.2-i486-1.txz

Slackware x86_64 -current package:
a2d6bafed1cd6ee6c1fd3841df4b7ab9 l/seamonkey-solibs-2.2-x86_64-1.txz
7a4fe27ad0a5498cd87d43c61609cc83 xap/seamonkey-2.2-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the packages as root:
# upgradepkg seamonkey-2.2-i486-1_slack13.37.txz seamonkey-solibs-2.2-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] mozilla-firefox (SSA:2011-195-02)

New mozilla-firefox packages are available for Slackware 13.0 and 13.1 to
fix security issues.

Here are the details from the Slackware 13.1 ChangeLog:
+————————–+
patches/packages/mozilla-firefox-3.6.19-i686-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-firefox-3.6.19-i686-1.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-firefox-3.6.19-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-firefox-3.6.19-i686-1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-firefox-3.6.19-x86_64-1_slack13.1.txz

MD5 signatures:
+————-+

Slackware 13.0 package:
309909b61a49053c4e12e213287c7f5b mozilla-firefox-3.6.19-i686-1.txz

Slackware x86_64 13.0 package:
bbad9abc9da5ee386a68bedb5c9a5796 mozilla-firefox-3.6.19-x86_64-1_slack13.0.txz

Slackware 13.1 package:
4c3369ad77514cf4697b99a566ab0da1 mozilla-firefox-3.6.19-i686-1.txz

Slackware x86_64 13.1 package:
2a4ab812cf3d6e8d18304b53dadde2c0 mozilla-firefox-3.6.19-x86_64-1_slack13.1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg mozilla-firefox-3.6.19-i686-1.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] mozilla-thunderbird (SSA:2011-189-02)

New mozilla-thunderbird packages are available for Slackware 13.0, 13.1, 13.37,
and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/mozilla-thunderbird-3.1.11-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-thunderbird-3.1.11-i686-1.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-thunderbird-3.1.11-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-thunderbird-3.1.11-i686-1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-thunderbird-3.1.11-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-thunderbird-3.1.11-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-thunderbird-3.1.11-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-3.1.11-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-3.1.11-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.0 package:
67b87516b8834e37caa3dd56ebd1eeb8 mozilla-thunderbird-3.1.11-i686-1.txz

Slackware x86_64 13.0 package:
fde85a7ccc837e773f776c04ef20fb0d mozilla-thunderbird-3.1.11-x86_64-1_slack13.0.txz

Slackware 13.1 package:
8301393fda44746777e9252ca0cd38ff mozilla-thunderbird-3.1.11-i686-1.txz

Slackware x86_64 13.1 package:
7087a2f4619a1f109146196f3c230e7f mozilla-thunderbird-3.1.11-x86_64-1_slack13.1.txz

Slackware 13.37 package:
085255140003a9155ec18b22fc6ad84d mozilla-thunderbird-3.1.11-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
ae412c6b31ba2f110d0f25bb74493f8a mozilla-thunderbird-3.1.11-x86_64-1_slack13.37.txz

Slackware -current package:
1e98a712858c9300da9113276f39d403 mozilla-thunderbird-3.1.11-i486-1.txz

Slackware x86_64 -current package:
03a1eea4cab85fa048c308b5f6acec03 mozilla-thunderbird-3.1.11-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg mozilla-thunderbird-3.1.11-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] bind (SSA:2011-189-01)

New bind packages are available for Slackware 13.37, and -current to
fix a security issue.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/bind-9.7.3_P3-i486-1_slack13.37.txz: Upgraded.
A specially constructed packet will cause BIND 9 (“named”) to exit,
affecting DNS service. The issue exists in BIND 9.6.3 and newer.
“Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. This was fixed by disambiguating internal database
representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]“
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.3_P3-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.3_P3-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.3_P3-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.3_P3-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.37 package:
6aa159ec74146d5794cd46075541405c bind-9.7.3_P3-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
08abf6bfffc52c0a392658ebd3fa046c bind-9.7.3_P3-x86_64-1_slack13.37.txz

Slackware -current package:
e5e1be017f8204ba3e3b4ad9e30f3714 n/bind-9.7.3_P3-i486-1.txz

Slackware x86_64 -current package:
3d1e556bc5a7646cf331398a8f09d582 n/bind-9.7.3_P3-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg bind-9.7.3_P3-i486-1_slack13.37.txz

Then, restart the name server:

# /etc/rc.d/rc.bind restart

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] pidgin (SSA:2011-178-01)

New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37,
and -current to fix a security issue.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/pidgin-2.9.0-i486-1_slack13.37.txz: Upgraded.
Fixed a remote denial of service. A remote attacker could set a specially
crafted GIF file as their buddy icon causing vulerable versions of pidgin
to crash due to excessive memory use.
For more information, see:
http://pidgin.im/news/security/?id=52
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/pidgin-2.9.0-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/pidgin-2.9.0-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/pidgin-2.9.0-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/pidgin-2.9.0-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/pidgin-2.9.0-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/pidgin-2.9.0-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/pidgin-2.9.0-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/pidgin-2.9.0-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/pidgin-2.9.0-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 12.2 package:
fc1a92d8fcce2b11d3eea747255aadd5 pidgin-2.9.0-i486-1_slack12.2.tgz

Slackware 13.0 package:
4523a538f5c1f6dbc267a05c3f0c3d39 pidgin-2.9.0-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
b10d74b33d814f41bb3e7e3a65013d83 pidgin-2.9.0-x86_64-1_slack13.0.txz

Slackware 13.1 package:
815fe39274fea0b7618dee8465be5b09 pidgin-2.9.0-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
e7d6da493c76f3898c25590d4ec09490 pidgin-2.9.0-x86_64-1_slack13.1.txz

Slackware 13.37 package:
276ab5a94fad246d9120c33a396fb484 pidgin-2.9.0-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
6625960c550a8ee6373abb5338c25818 pidgin-2.9.0-x86_64-1_slack13.37.txz

Slackware -current package:
517f9f04054fd5ce1df1e63b5b12811f xap/pidgin-2.9.0-i486-1.txz

Slackware x86_64 -current package:
98d49d72f76fae74eee558a8173ef98a xap/pidgin-2.9.0-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg pidgin-2.9.0-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] mozilla-firefox (SSA:2011-174-01)

New mozilla-firefox packages are available for Slackware 13.0, 13.1,
13.37, and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/mozilla-firefox-5.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-firefox-3.6.18-i686-1.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-firefox-3.6.18-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-firefox-3.6.18-i686-1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-firefox-3.6.18-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-firefox-5.0-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-firefox-5.0-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-5.0-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-5.0-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.0 package:
6bae11a48ff0dbd131535523da47dfa3 mozilla-firefox-3.6.18-i686-1.txz

Slackware x86_64 13.0 package:
9c6b5b65cb74692f8e51e92a9af1b174 mozilla-firefox-3.6.18-x86_64-1_slack13.0.txz

Slackware 13.1 package:
5de7a771024cf248144cc84bf22e6c0b mozilla-firefox-3.6.18-i686-1.txz

Slackware x86_64 13.1 package:
9868ece365ad9c8fb88492e98124e989 mozilla-firefox-3.6.18-x86_64-1_slack13.1.txz

Slackware 13.37 package:
0f44d12d4cab622f99c20025090cc344 mozilla-firefox-5.0-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
cd7eb8f9e363e10026b1ecfa88a927b1 mozilla-firefox-5.0-x86_64-1_slack13.37.txz

Slackware -current package:
082655c72f19e52b4d6b97881d3b4388 xap/mozilla-firefox-5.0-i486-1.txz

Slackware x86_64 -current package:
a9dd701bf34e6141b386530ad38d4292 xap/mozilla-firefox-5.0-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg mozilla-firefox-5.0-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com