Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
08-29-2022, 03:35 PM
|
#76
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
libtiff
CVE-2022-2953
Code:
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905,
allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile
libtiff from sources, the fix is available with commit 48d6ece8.
https://nvd.nist.gov/vuln/detail/CVE-2022-2953
|
|
1 members found this post helpful.
|
08-29-2022, 04:42 PM
|
#77
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
|
|
1 members found this post helpful.
|
08-31-2022, 09:17 AM
|
#78
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
glibc 2.36
CVE-2022-39046
Code:
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed
a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and
prints it to the target log file, potentially revealing a portion of the contents of the heap.
https://nvd.nist.gov/vuln/detail/CVE-2022-39046
|
|
2 members found this post helpful.
|
09-01-2022, 02:25 AM
|
#79
|
Senior Member
Registered: Jul 2010
Location: Near Bordeaux in France
Distribution: slackware, slackware from scratch, LFS, slackware [arm], linux Mint...
Posts: 1,586
|
Binutils
CVE-2022-38533 received a patch, follow link:
https://sourceware.org/git/?p=binuti...5c6b87dcef08cd
|
|
1 members found this post helpful.
|
09-01-2022, 10:23 PM
|
#80
|
Member
Registered: Apr 2008
Location: France
Distribution: Slackware
Posts: 107
Rep:
|
Since "91.13.0 is the final release of Thunderbird 91", I would expect mozilla-thunderbird-102.2.1 landing in 15.0.
https://www.thunderbird.net/en-US/th.../releasenotes/
|
|
|
09-03-2022, 05:10 PM
|
#82
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
Vim
CVE-2022-3099
Code:
Use After Free in GitHub repository vim/vim prior to 9.0.0359
https://nvd.nist.gov/vuln/detail/CVE-2022-3099
|
|
|
09-06-2022, 05:14 PM
|
#83
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
Quote:
Originally Posted by regdub
|
Done
Code:
Tue Sep 6 20:21:24 UTC 2022
...
patches/packages/mozilla-thunderbird-102.2.1-x86_64-1_slack15.0.txz: Upgraded.
...
http://ftp.slackware.com/pub/slackwa.../ChangeLog.txt
|
|
1 members found this post helpful.
|
09-06-2022, 11:47 PM
|
#84
|
Member
Registered: Apr 2008
Location: France
Distribution: Slackware
Posts: 107
Rep:
|
Quote:
Originally Posted by marav
|
Nice.
And we get firefox 102esr with a little advance.
|
|
|
09-07-2022, 11:06 AM
|
#85
|
Member
Registered: Mar 2010
Location: France
Distribution: Slackware
Posts: 603
|
python3-3.9.14 is released with security fix.
Quote:
CVE-2020-10735
Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity.
Security releases for 3.9.14, 3.8.14, and 3.7.14 are made available simultaneously to address this issue, along with some less urgent security content.
Upgrading your installations is highly recommended.
|
|
|
1 members found this post helpful.
|
09-08-2022, 01:00 PM
|
#86
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
Vim
CVE-2022-3153
Code:
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
https://nvd.nist.gov/vuln/detail/CVE-2022-3153
|
|
|
09-09-2022, 06:16 AM
|
#87
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
plasma-workspace
Code:
it appears that Plasma 5.25.5 has introduced a regression:
https://bugs.kde.org/show_bug.cgi?id=458829
A fix for it has been in master for a while, but was never put in stable
because it appeared to not affect stable.
Since there are no scheduled bugfixes releases for Plasma 5.25 anymore
(and the discussion about unscheduled ones is still ongoing) please
apply
https://mail.kde.org/pipermail/distr...er/001287.html
Patch:
https://invent.kde.org/plasma/plasma...c39e1acf967454
|
|
|
09-14-2022, 05:09 AM
|
#88
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
plasma-integration
Code:
For more details, check QTBUG-95817. But to summarize it in a couple of
words: a window will stop pushing buffers when it's resized and using
threaded render loop.
[PATCH] Bring back workaround for threaded render loop not working on NVIDIA Wayland
https://invent.kde.org/plasma/plasma...52bd3c9c.patch
|
|
|
09-14-2022, 09:05 AM
|
#89
|
LQ Sage
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,843
Original Poster
|
plasma-workspace
Delay ksplash until after env is set up
Code:
otherwise we can dbus invoke with the wrong environment. specifically
this happens with the latest qtbase changes that introduced color
picking support on wayland. when we start a qguiapplication with
incomplete environment that dbus invokes the xdg-portal system and that
in turn has an incomplete environment resulting in theming and the likes
not properly applying because the portal doesn't know that it runs
inside a plasma session.
qt/qt/qtbase@2dc083df
BUG: 458865
Patch:
https://invent.kde.org/plasma/plasma...af6de91e.patch
|
|
1 members found this post helpful.
|
09-14-2022, 02:19 PM
|
#90
|
Slackware Maintainer
Registered: Dec 2002
Location: Minnesota
Distribution: Slackware! :-)
Posts: 2,949
|
Quote:
Originally Posted by marav
plasma-workspace
Delay ksplash until after env is set up
Code:
otherwise we can dbus invoke with the wrong environment. specifically
this happens with the latest qtbase changes that introduced color
picking support on wayland. when we start a qguiapplication with
incomplete environment that dbus invokes the xdg-portal system and that
in turn has an incomplete environment resulting in theming and the likes
not properly applying because the portal doesn't know that it runs
inside a plasma session.
qt/qt/qtbase@2dc083df
BUG: 458865
Patch:
https://invent.kde.org/plasma/plasma...af6de91e.patch
|
This one looks to be already applied.
|
|
|
All times are GMT -5. The time now is 04:11 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|