Several flaws in libcurl's curl_easy_duphandle() function can lead to libcurl eventually sending off sensitive data that was not intended
for sending. See curl's advisory for more details. (CVE-2014-3707)
It was discovered the encoding of elliptic curves parameters in GnuTLS 3 is vulnerable to a denial of service (heap corruption). The
vulnerability affects clients and servers that print information about a peer's certificate (e.g. key ID) and can be exploited via specially
crafted X.509 certificates. (CVE-2014-8564)
php
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file (CVE-2014-3710).
Fixed in php 5.4.35.
file
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file (CVE-2014-3710).
Fixed upstream (not yet released at the time of writing)
tcpdump
denial of service in verbose mode using malformed OLSR payload (CVE-2014-8767)
denial of service in verbose mode using malformed Geonet payload (CVE-2014-8768) (vulnerability introduced in tcpdump 4.5.0, thus not affecting Slackware 14.1 or -current)
unreliable output using malformed AODV payload (CVE-2014-8769)
Fixed in tcpdump 4.7.0 (not yet released at the time of writing)
dbus
local users can cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636 (CVE-2014-7824).
Fixed in dbus 1.6.26
kde-workspace
KDE workspace configuration module for setting the date and time has a helper program which runs as root for performing actions. This is secured with polkit. This helper takes the name of the ntp utility to run as an argument. This allows a hacker to run any arbitrary command as root under the guise of updating the time (CVE-2014-8651).
Fixed in kde-workspace 4.11.14
Last edited by sanjioh; 11-23-2014 at 12:31 PM.
Reason: clearer CVE-2014-8768 description, as per post #289 by mancha
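The kde-workspace entry above describes a root helper that executes whatever program name the caller passes in. The following C sketch is an added illustration of the usual mitigation, not code from the post and not KDE's actual fix: the allowlisted paths, the function names and the `server` argument are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumed allowlist (hypothetical paths): the only programs the helper may start. */
static const char *const ALLOWED[] = { "/usr/sbin/ntpdate", "/usr/sbin/rdate" };

/* Map the caller's string (short name or absolute path) to a path constant owned
 * by the helper; NULL otherwise. The untrusted string is compared, never executed. */
const char *resolve_ntp_utility(const char *requested)
{
    if (requested == NULL)
        return NULL;
    for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++) {
        const char *base = strrchr(ALLOWED[i], '/') + 1;
        if (strcmp(requested, ALLOWED[i]) == 0 || strcmp(requested, base) == 0)
            return ALLOWED[i];
    }
    return NULL;
}

/* Run the utility against `server` (an assumed second argument) without a shell.
 * Returns the child's exit status, or -1 when the request is refused. */
int run_time_sync(const char *requested, const char *server)
{
    const char *path = resolve_ntp_utility(requested);
    if (path == NULL || server == NULL || server[0] == '\0' || server[0] == '-')
        return -1;                /* unknown program, or option-like server */
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)path, (char *)server, NULL };
        char *const envp[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
        execve(path, argv, envp); /* fixed path, fixed environment */
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed requests; only resolution is shown, nothing is executed. */
    const char *req[] = { "ntpdate", "/usr/sbin/rdate", "/tmp/ntpdate", "" };
    for (size_t i = 0; i < 4; i++) {
        const char *path = resolve_ntp_utility(req[i]);
        printf("%-16s -> %s\n", req[i], path ? path : "refused");
    }
    return 0;
}
```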
Based on sanjioh's report in the previous post, I've backported fixes for tcpdump 4.4.0 and file 5.14 (versions shipped with Slackware
14.1 and current). For php, dbus, and kde-workspace, sanjioh provides the versions that fix the identified vulnerabilities.
Slackware's lesspipe isn't that expansive, but even if it were, I'm not sure I buy this as being a threat.
If I download a malicious cpio file and view it with less using lesspipe, then that's no more dangerous than me downloading a cpio file and viewing it with cpio -t. If cpio is broken, then cpio is broken and it doesn't matter whether I'm viewing it directly with cpio or indirectly via less/lesspipe, mc, or any other front end.
I don't see how disabling lesspipe buys you anything.
It was recently disclosed FLAC 1.3.0 and earlier is vulnerable to a stack overflow (CVE-2014-8962) and heap overflow condition
(CVE-2014-9028) that can be exploited by an attacker via maliciously crafted .flac files to trigger arbitrary code execution.
libksba prior to version 1.3.2 is vulnerable to a buffer overflow condition that can be exploited by an attacker via maliciously crafted
S/MIME messages or ECC-based OpenPGP data to trigger a denial of service or other unspecified impact. GnuPG 2.x users are
encouraged to upgrade promptly. See announcement for more details. (CVE-2014-9087)
Slackware's lesspipe isn't that expansive, but even if it were, I'm not sure I buy this as being a threat.
If I download a malicious cpio file and view it with less using lesspipe, then that's no more dangerous than me downloading a cpio file and viewing it with cpio -t. If cpio is broken, then cpio is broken and it doesn't matter whether I'm viewing it directly with cpio or indirectly via less/lesspipe, mc, or any other front end.
I don't see how disabling lesspipe buys you anything.
Oh, thanks for the clarification. I wasn't sure if it was that harmful.
I believe splitvt has a security bug - misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges. (CVE-2008-0162, yes, pretty ancient)
I've compared the Slackware version to the Debian version (link, see 1.6.6-4 changelog entry), it hasn't been patched yet.
(Yeah, I remembered the Slackware installer has pretty much said for years now in the splitvt description "use screen", which made me wonder why it's still included with Slackware.)
Quote:
Originally Posted by Jeebizz
Running Slackware14.1-64bit and I am suddenly presented with this: Attachment 17055
Looks like that will have to be updated for the next release of Slackware.
Perhaps this is in the wrong thread? Regardless, the version of xscreensaver in -current is 5.29