-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  libX11 (SSA:2018-233-01)

New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/libX11-1.6.6-i586-1_slack14.2.txz:  Upgraded.
  This update fixes some security issues:
  Fixed crash on invalid reply (CVE-2018-14598).
  Fixed off-by-one writes (CVE-2018-14599).
  Fixed out of boundary write (CVE-2018-14600).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14598
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14599
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14600
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 14.0:

Updated package for Slackware x86_64 14.0:

Updated package for Slackware 14.1:

Updated package for Slackware x86_64 14.1:

Updated package for Slackware 14.2:

Updated package for Slackware x86_64 14.2:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:


MD5 signatures:
+-------------+

Slackware 14.0 package:
9bb8475057d8a2608b2fd12c0a1cbd21  libX11-1.6.6-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
58161eb995afd54e46c54ac7f8514863  libX11-1.6.6-x86_64-1_slack14.0.txz

Slackware 14.1 package:
12b07f273428650137f8f1ed7e8a47ee  libX11-1.6.6-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
9e3744bcdbeb040bf74e1cf60e65a6e3  libX11-1.6.6-x86_64-1_slack14.1.txz

Slackware 14.2 package:
e8dce4b7c0084e08cf5e98b01623e96d  libX11-1.6.6-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
0066b709becabab5661427863f9cbc37  libX11-1.6.6-x86_64-1_slack14.2.txz

Slackware -current package:
6ec3f2b5f2f314f5e9360e54864c70e5  x/libX11-1.6.6-i586-1.txz

Slackware x86_64 -current package:
44e4bd7fd0842ff5f980d812828e78e9  x/libX11-1.6.6-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg libX11-1.6.6-i586-1_slack14.2.txz


+-----+

Slackware: 2018-233-01: libX11 Security Update

August 21, 2018
New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libX11-1.6.6-i586-1_slack14.2.txz: Upgraded. This update fixes some security issues: Fixed crash on invalid reply (CVE-2018-14598). Fixed off-by-one writes (CVE-2018-14599). Fixed out of boundary write (CVE-2018-14600). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14598 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14599 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14600 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.0 package: 9bb8475057d8a2608b2fd12c0a1cbd21 libX11-1.6.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 58161eb995afd54e46c54ac7f8514863 libX11-1.6.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 12b07f273428650137f8f1ed7e8a47ee libX11-1.6.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 9e3744bcdbeb040bf74e1cf60e65a6e3 libX11-1.6.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: e8dce4b7c0084e08cf5e98b01623e96d libX11-1.6.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 0066b709becabab5661427863f9cbc37 libX11-1.6.6-x86_64-1_slack14.2.txz
Slackware -current package: 6ec3f2b5f2f314f5e9360e54864c70e5 x/libX11-1.6.6-i586-1.txz
Slackware x86_64 -current package: 44e4bd7fd0842ff5f980d812828e78e9 x/libX11-1.6.6-x86_64-1.txz

Severity
[slackware-security] libX11 (SSA:2018-233-01)
New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg libX11-1.6.6-i586-1_slack14.2.txz

Related News

28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved