Mutt 2.0.5 was released on January 21, 2021. This is a bug-fix release, fixing a few memory leaks, including CVE-2021-3181.
ftp://ftp.mutt.org/pub/mutt/mutt-2.0.5.tar.gz |
CVE-2021-3156 sudo heap buffer overflow
1 Attachment(s)
CVE-2021-3156
Heap buffer overflow affecting sudo versions 1.8.2 through 1.8.31p2 and 1.9.0 through 1.9.5p1. Patch is here. Additional note: Conditional check of libpam symbolic link in sudo.Slackbuild fails on Slackware64 because LIBDIRSUFFIX is not defined in the arch detection stanza like it usually is. |
Fixed in -current (and 14.0, 14.1, 14.2).
|
Recently several dnsmasq vulnerabilities were reported. Version 2.78 in 14.2 is affected.
|
CVE-2021-21148 affects Google Chrome/Chromium-based browsers
Upgrade to Chromium 88.0.4324.150 or later. https://chromereleases.googleblog.co...desktop_4.html |
GNU Screen up to and including version 4.8.0 is vulnerable to CVE-2021-26937
https://www.linuxquestions.org/quest...ty-4175690257/ https://cve.mitre.org/cgi-bin/cvenam...CVE-2021-26937 A patch is available here: https://salsa.debian.org/debian/scre...21-26937.patch The patch seems to apply cleanly on 4.8.0 running Slackware-current as far as I can tell. |
OpenSSL 1.1.1j
Upgraded in -current according to the latest ChangeLogs: Quote:
|
python 3.x through 3.9.1 are vulnerable to CVE-2021-3117
https://cve.mitre.org/cgi-bin/cvenam...=CVE-2021-3177 Not aware of any patch yet. |
Quote:
https://github.com/python/cpython/co...1353ecc3.patch |
Bind-9.10.12 affected by a serious bug according to this: http://wiki.linuxfromscratch.org/blfs/ticket/14683
it's advised to downgrade to bind-9.10.11 + a sed patch. |
Kinda "nice" thread, but perhaps unstick it and create [Slackware security] vulnerabilities outstanding 20210301 ?
Or whatever month/day we go beyond Slackware 15 beta... |
Thunderbird 78.8.0 fixes the following security vulnerabilities:
https://www.mozilla.org/en-US/securi...s/mfsa2021-09/ Edit: Available in -current according to the latest ChangeLogs. Quote:
|
duplicate post.
|
GRUB: 117 security patches at once.
Daniel Kiper just released no less than 117 patches to fix vulnerabilities in GRUB.
I have pulled from git master and built a new GRUB package for Slint that I will upload today. I suggest to do the same for Slackware. |
Quote:
GRUB 2.04 has quite a few issues (e.g. the BootHole vulnerability) and version 2.06 is still pending. |
All times are GMT -5. The time now is 03:51 AM. |