SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
A vulnerability related to SSID processing in wpa_supplicant's Wi-Fi P2P implementation can be exploited by remote attackers within
radio distance to cause denials of service, information disclosure, and potentially arbitrary code execution. (CVE-2015-1863)
Vulnerable code was introduced in wpa_supplicant 1.0 and affects Slackware 14.1 through current (note: though Slackware 14.0
ships wpa_supplicant 1.0, it doesn't build it with Wi-Fi peer-to-peer support so is not vulnerable).
Recommendation for Slackware 14.1 & current: Rebuild wpa_supplicant after applying upstream's fix.
Several overflow and OOB issues were fixed in tcpdump 4.7.0, 4.7.2, and 4.7.4. The security impact of these ranges from DoS to
possible arbitrary code execution. (CVE-2014-9140; CVE-2015-0261; CVE-2015-2153; CVE-2015-2154; and CVE-2015-2155)
The last time tcpdump issues were reported on this thread, I developed backported fixes for use on Slackware. This time around,
I recommend interested slackers upgrade their versions.
Description
A buffer overflow in gethostbyname_r() and related functions performing
DNS requests has been fixed. If the NSS functions were called with a
misaligned buffer, the buffer length change due to pointer alignment was
not taken into account. This could result in application crashes or
potentially arbitrary code execution using crafted but syntactically
valid DNS responses.
Impact
A remote attacker can crash or execute arbitrary code by crafting
malicious DNS responses to the requests made by an application. To be
vulnerable, the application must be passing a misaligned buffer to
gethostbyname_r() or related functions.
This is an update to my recent curl report in post #360. It was determined many users of curl (applications linking libcurl and cli
end-users) were not aware that, when using a proxy server, curl by default sends custom HTTP headers to both the proxy and
the destination. This default is problematic when sensitive headers sent via SSL/TLS to the destination are seen elsewhere.
(CVE-2015-3153)
Note: Slackware 14.0 ships MySQL 5.5.36 which has known vulnerabilities. Users on that system should upgrade to MySQL 5.5.43
or transition to MariaDB 5.5.43. The versions of MySQL shipped with Slackware 13.0-13.37 have EOL'd so users on those systems
should take appropriate action.
A vulnerability in the handling of SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY messages allows an attacker to DoS
attack clients and servers. (CVE-2015-3146)
In QEMU's floppy disk controller: During processing of certain commands such as FD_CMD_READ_ID and D_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could get out of bounds leading to memory corruption with values coming from the guest, possibly giving access to sensitive data. Ref.: VENOM vulnerabilty.
There is a patch for QEMU CVE-2015-3456 but other products that use the same code are affected, see the above referenced document.
Firefox downloads binary blob "libgmpopenh264.so" (by Cisco Systems Inc.) without user consent
Firefox downloads a binary blob called "libgmpopenh264.so" created by Cisco Systems Inc. without asking the user for consent. It seems this is used by webrtc. As far as I can tell this started with Firefox 33.
This is an opensource codec from Cisco for h264 videos. The only reason it isn't included already in Firefox is because Mozilla's license doesn't allow it to be distributed, so a binary is downloaded when the browser opens.
However, Mozilla is the one compiling the binary (and generating a cryptographic hash) not Cisco, and then Cisco grabs the binary from Mozilla to host/distribute. Once the binary is downloaded into Firefox, it is verified that the cryptographic hash matches to make sure no tampering has occurred.
@bassmadrigal Thanks for the clarification. I had done some searching and perusal of some of the reports related to the Cisco h264 topic at mozilla, fedora/redhat, and debian; but had not yet come across this information. Much appreciated.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.