I got two emails from the Slackware Security mailing list a few minutes ago detailing the following issues:
New XV image viewer packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. Format string and other issues could cause a crash or execution of arbitrary code if a specially crafted image is loaded with XV.
New tcpdump packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A specially crafted BGP packet can cause tcpdump to go into an infinite loop, creating a denial of service where network monitoring is disabled.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
Apparently there’s even more updates to Slackware-current, they are mostly version upgrades. You might want to see the full details from the changelog itself.
Happy Slacking!
No responses to “Slackware Security Update: XV and tcpdump” yet. Come on, be the first!
Have Your Say