LinuxSecurity.com: New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...]
on 06/30/2010 – Made popular on 06/30/2010
In preparation for the upcoming release going beta, I thought I'd share/re-cap a few outstanding vulnerabilities of varying severity in Slackware-current:
xlockmore: CVE-2013-4143; fixed in xlockmore 5.43 (see: thread)
subversion: CVE-2013-4131; fixed in subversion 1.7.11
On December 5, Canonical published in a security notice details about a CUPS vulnerability for its Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 11.10 (Oneiric Ocelot), Ubuntu 10.04 LTS (Lucid Lynx), and Ubuntu 8.04 LTS (Hardy Heron) operating systems. According to Canonical, programs that used LibTIFF could have been made to crash or to run programs, if they opened a specially-crafted file.
I am a long time user of Slackware, and some things makes me think a little about things that may be lacking. One of them is how to keep the system up and running with the latest upstream version, mainly because of security concerns.
Of course Slackware security group delivers new versions when security issues hit packages Slackware packages.