[Slackware security] GnuTLS multiple vulnerabilities + (un)lucky-13
Multiple security vulnerabilities exist in GnuTLS shipped in Slackware
12.0 through current (didn't check prior to 12.0):
2.6.x, 2.8.x, 2.10.x, and 2.12.x, according to GnuTLS there should* be full
backwards compatibility (binary and source). GnuTLS 2.12.23 + upstream patch
for CVE-2013-2116 would address above issues for Slackware 12.0-13.37.
For Slackware 14.0 and current, either GnuTLS 3.0.30 or 3.1.12 (which is
advertised as binary/source compatible with 3.0.x) would address the
*Programs that use unofficial interfaces might require re-building.
I consider that Slackware is amazingly safe (in terms of security) given the small team size. This is due obviously to Pat's dedication and care, but also to this sort of contribution.
What a great community! So many serious users, and a very good S/N ratio! --except when it comes to systemd ;)
|All times are GMT -5. The time now is 10:12 PM.|