Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Slackware: 2023-204-05 Urgent: Minicom Remote Code Execution

slackware
Calendar Grey April 19, 2017
Dist Slackware Esm H88
A security patch for Minicom affecting various Slackware releases tackles a vulnerability that allows for remote code execution. Please update immediately!
New minicom packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/minicom-2.7.1-i586-1_slack14.2.txz: Upgraded. Fix an out of bounds data access that can lead to remote code execution. This issue was found by Solar Designer of Openwall during a security audit of the Virtuozzo 7 product, which contains derived downstream code in its prl-vzvncserver component. For more information, see: https://www.cve.org/CVERecord?id=CVE-2017-7467 (* Security fix *)

Topics%20covered

Topics Covered

security advisory update remote code execution Slackware minicom

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/minicom-2.7.1-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/minicom-2.7.1-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/minicom-2.7.1-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/minicom-2.7.1-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/minicom-2.7.1-i486-1_slack13.37.txz
Updated package for Sla...

Read the Full Advisory

MD5 Signatures

Slackware 13.0 package: b7197571bc25f6272a49e016e75260c0 minicom-2.7.1-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 5f90a004fd56dfde61e4edccc6600bf6 minicom-2.7.1-x86_64-1_slack13.0.txz
Slackware 13.1 package: e719abf9c97fb624c2158d119b29a8e3 minicom-2.7.1-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: d096a62153dbca10477ce9c5b7f3e4cd minicom-2.7.1-x86_64-1_slack13.1.txz
Slackware 13.37 package: 30b55c08506d65aeb34f788bcf92bbd2 minicom-2.7.1-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 366d9f36aa9126d561493c9c1ee59b8f minicom-2.7.1-x86_64-1_slack13.37.txz
Slackware 14.0 package: e02ca4c7e052a60297487d54cea1563e minicom-2.7.1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 9b6997e949b872e539d9e20be11c3824 minicom-2.7.1-x86_64-1_slack14.0.txz
Slackware 14.1 package: 3ea4b0a6a5161670203b56b8aa0c091b minicom-2.7.1-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: fb5e623fffc45aadf7fe97264e761fd9 minicom-2.7.1-x86_64-1_slack14.1.txz
Slackware 14.2 package: 7de4ed4ba12b1868012b2a62365ca441 minicom-2.7.1-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 86031667476f918e824257bbf6d5d05e minicom-2.7.1-x86_64-1_slack14.2.txz
Slackware -current package: b41864d475ac9958efe9dd5e48dbddbe a/minicom-2.7.1-i586-1.txz
Slackware x86_64 -current package: cba988ccb02f9f8772488928094ed297 a/minicom-2.7.1-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory update remote code execution Slackware minicom

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg minicom-2.7.1-i586-1_slack14.2.txz

Related News

Your message here