Skip to content. | Skip to navigation

Sections
Personal tools
You are here: Home News
 

News

Samba-3.0.33 security update

Posted by Rodrigo Bistolfi at Jan 04, 2009 08:51 AM |

A new samba package is now available for VL 6.0. This is a security patch which closes a known vulerability. Anyone running VL 6.0 release candidate 1.5 or earlier as well as any of the alpha or beta builds will likely want to upgrade samba. The new package is already in the patches repository.

  • Package: samba-3.0.33-i486-1_slack12.1.tlz
  • MD5: fe46c66a71a45c9c7d6d35834585d343
  • Package Size: 11.88 MB
  • Installed Size: 53.93 MB
  • Sources: Samba-3.0.33
samba (SMB file and print server)

Samba is an SMB file and print server for SMB and CIFS clients. It allows you to make file space or printers on a Samba host available to any PCs running SMB clients (such as PCs running Windows).

If you have any SMB servers (such as Windows NT/2K Server), you may be able to replace them by or supplement them with Samba. One of Samba's big strengths is integration, so you can use it to tie together your Linux hosts and Windows PC clients.

Read More…

Thunderbird-2.0.0.19 security update

Posted by Rodrigo Bistolfi at Jan 02, 2009 07:41 AM |

The latest version of the Mozilla Thunderbird e-mail client is available for VL 5.9 and VL 6.0. This package is a security patch that closes several known vulnerabilities rated as "moderate" by Mozilla.org. Details can be found at: Mozilla.org. Users who installed an earlier version of Thunderbird from the repository who are concerned about these issues may want to upgrade right away.

As soon as we have had some user feedback and know that this package is solid it will be moved to extra.

thunderbird (Mozilla Thunderbird mail application)

Mozilla Thunderbird is a redesign of the Mozilla mail component written using the XUL user interface language. Thunderbird makes emailing safer, faster, and easier than ever before with the industry's best implementations of features such as intelligent spam filters, built-in RSS reader, quick search, and much more.


License: MPL 1.1/GPL 2.0/LGPL 2.1
Author: Initial Developer - Netscape Communications Corporation
Website: http://www.mozilla.org/projects/thunderbird/
  • Package: thunderbird-2.0.0.19-i586-1vl59.tlz
  • MD5: 2cd55ae0f1253db32426934093d1bf3c
  • Package Size: 8.29 MB
  • Installed Size: 30.05 MB
  • Sources: mozilla-thunderbird-5.9
  • Package: thunderbird-2.0.0.19-i586-1vl60.tlz
  • MD5: cbabed54851968c964e1019e62853cca
  • Package Size: 8.53 MB
  • Installed Size: 30.69 MB
  • Sources: mozilla-thunderbird-6.0

Read More…

VectorLinux 6.0 RC1 has been released

Posted by Rodrigo Bistolfi at Dec 22, 2008 04:30 AM |
Filed under: Releases

The VectorLinux development team is proud to announce the first release candidate of VectorLinux 6.0. This release is the result of the excellent bug reporting feedback from members of our community and beyond. We have tried to squash most of the bugs reported and add some additional polish to the default theme and the gui installer. The gui installer has gone through many rewrites since the beta2 release. We think you will find many improvements both in design and execution. We are still looking for feedback as the installer progresses towards our final release. We have updated several software packages and have added the all new slapt-get notifier which automatically notifies the user via a tray icon that software updates are available. The browser plugins have been updated to the latest flash 10 and mplayerplug-in. Firefox, Opera, Seamonkey, Gftp, Pidgin and our own Vl-hot have all been updated since the beta2 release. We are another step closer to final!

The big news is Vector has a new gui installer for the first time! This was built from the ground up and not a rehash of any of the other gui installers used by other distro's. This release features the 2.6.27.7 kernel with the latest wireless drivers and firmware updates. The default Window manager is Xfce4 with LXDE as alternate. We have the latest Firefox, Opera and Seamonkey with all the media codecs and flash so all the web and personal media content is available out of the box. For light office work you will find Abiword and Gnumeric. For heavy duty work, OpenOffice is available as a download from our ever expanding repo. We have added jpilot for those of you with handhelds. The included multimedia applications are the latest Mplayer, Xine, K3b and vlc. We have some of the all time favorite games including Penguin command, Pysol and Xgalaga and many more available in our repo. The latest stable Perl 5.10 has also been added. We hope you enjoy our latest labor of love. Please let us know of any bugs you encounter or just general feedback by posting in our web forum.

The iso and md5sum are here:

Please report bugs and comments here:

Read More…

Firefox security update

Posted by Rodrigo Bistolfi at Dec 22, 2008 04:24 AM |

The Mozilla Foundation announced a new release of Mozilla Firefox to fix security issues. The version 3.0.5 is available now for both 5.9 and 6.0 VectorLinux versions.

Firefox (Mozilla Firefox Web Browser)

Firefox 3 is the next generation release of the award-winning
Firefox web browser from Mozilla.
To comply with Mozilla trademarks and to assure quality control
this is the official Mozilla build packaged for VectorLinux.


License: MPL 1.1/GPL 2.0/LGPL 2.1
Author: Mozilla Foundation
Website: http://www.mozilla.com/en-US/firefox/

Read More…

VectorLinux 6.0 Beta 2 has been released

Posted by Rodrigo Bistolfi at Dec 08, 2008 07:22 AM |
Filed under: Releases

The VectorLinux development team is proud to announce the Second beta release of VectorLinux 6.0. We have worked hard to debug the first beta release based on reported bugs, and we have also refined the look and feel with a brand new theme.The gui installer is just about there, more feedback is welcome with this release. We have added several software packages to make this a complete release. We are on our way to final!

The big news is Vector has a new gui installer for the first time! This was built from the ground up and not a rehash of any of the other gui installers used by other distro's. This release features the 2.6.27.7 kernel with the latest wireless drivers and firmware updates. The default Window manager is Xfce4 with LXDE as alternate. We have the latest Firefox, Opera and Seamonkey with all the media codecs and flash so all the web and personal media content is available out of the box. For light office work you will find Abiword and Gnumeric. For heavy duty work, OpenOffice is available as a download from our ever expanding repo. We have added jpilot for those of you with handhelds. The included multimedia applications are the latest Mplayer, Xine, K3b and vlc. We have some of the all time favorite games including Penguin command, Pysol and Xgalaga and many more available in our repo. The latest stable Perl 5.10 has also been added.

We hope you enjoy our latest labor of love. Please let us know of any bugs you encounter or just general feedback by posting in our web forum.

Cheers,

The Vector Team

The download links to the iso and md5sum are below.

Forum Bug reports go here:

Read More…

VectorLinux 6.0 Beta 1 has been released

Posted by Rodrigo Bistolfi at Nov 26, 2008 09:09 PM |
Filed under: Releases

The first Beta of the next VectorLinux is finally here.

Read More…

Firefox security update

Posted by Rodrigo Bistolfi at Nov 18, 2008 07:10 AM |

Firefox 3.0.4 for VL 5.9, VL 5.9.1 and 6.0 is available from the VectorLinux repository. Please note that this is a security patch and bugfix release. If you are running Firefox 3.0.3 or earlier you probably should upgrade to this package. As soon as we have adequate testing reports it will be moved to the patches repository. If you use a language pack, you will need to reinstall it.

  • Package: firefox-3.0.4-i586-1vl59.tlz
  • MD5: bffa481a73384f3b080957a70ddee12c
  • Package Size: 7.26 MB
  • Installed Size: 25.36 MB
  • Package: firefox-3.0.4-i586-1vl60.tlz
  • MD5: 38d4b580204b9cd5596ead3f3c3e0f2a
  • Package Size: 7.27 MB
  • Installed Size: 25.36 MB

Source: http://vectorlinux.osuosl.org/veclinux-5.9/source/testing/net/firefox
Source: http://vectorlinux.osuosl.org/veclinux-current/source/testing/net/firefox

Firefox (Mozilla Firefox Web Browser)

Firefox 3 is the next generation release of the award-winning Firefox web browser from Mozilla. To comply with Mozilla trademarks, and to assure quality control, this is the official Mozilla build, packaged for VectorLinux.

License: MPL 1.1/GPL 2.0/LGPL 2.1 Author: Mozilla Foundation Website: http://www.mozilla.com/en-US/firefox/

Read More…

Cups security update

Posted by Rodrigo Bistolfi at Nov 17, 2008 07:18 AM |

The latest version of CUPS (Common UNIX Printing System) is available for VL 5.9 and 6.0. Please note that this is a security patch and bugfix release. If you are running cups 1.3.8 or earlier you probably should upgrade to this package.

Please also note that this package is in the patches repository. VL 6.0 users should now enable patches in gslapt or in their /etc/slapt-get/slapt-getrc file.

  • Package: cups-1.3.9-i486-1_slack12.0.tlz
  • MD5: 94116ff3d777bfcc0ec08581c2cf8944
  • Package Size: 2.15 MB
  • Installed Size: 12.00 MB
  • Package: cups-1.3.9-i486-1_slack12.1.tlz
  • MD5: fec99d7896a3091bc178e50d6691ff1c
  • Package Size: 2.15 MB
  • Installed Size: 12.8 MB

Sources: http://vectorlinux.osuosl.org/veclinux-current/source/patches/base/cups
Sources: http://vectorlinux.osuosl.org/veclinux-5.9/source/patches/base/cups

CUPS (Common UNIX Printing System)

The Common UNIX Printing System provides a portable printing layer for UNIX(R)-like operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS uses the Internet Printing Protocol ("IPP") as the basis for managing print jobs and queues. The CUPS package includes System V and Berkeley command-line interfaces, a PostScript RIP package for supporting non-PostScript printer drivers, and tools for creating additional printer drivers and other CUPS services.

Read More…

GnuTls security update

Posted by Rodrigo Bistolfi at Nov 17, 2008 07:10 AM |

The latest version of Gnutls is available for VL 5.9 and 6.0. Please note that this is a security patch and bugfix release. Also note that this package is in the patches repository. VL 6.0 users should now enable patches in gslapt or in their /etc/slapt-get/slapt-getrc file.

Warning: Please note that this package may cause breakage of some existing apps. We are particularly concerned about pidgin, amsn, and vlc. If this package breaks anything on your system please report it ASAP so that new, replacement packages can be built.

  • Package: gnutls-2.6.1-i486-1_slack12.0.tlz
  • MD5: bbc10131a81f886ef4186786cc77fd61
  • Package Size: 1358K
  • Installed Size: 3360K
  • Package: gnutls-2.6.1-i486-1_slack12.1.tlz
  • MD5: 03f4a5239e8a2400e2a5ea78fdc33665
  • Package Size: 1357K
  • Installed Size: 3350K

Sources: http://vectorlinux.osuosl.org/veclinux-current/source/patches/net/gnutls
Sources: Sources: http://vectorlinux.osuosl.org/veclinux-5.9/source/patches/net/gnutls

gnutls (GNU TLS library)

This is a TLS (Transport Layer Security) 1.0 and SSL (Secure Sockets Layer) 3.0 implementation. In brief, GnuTLS can be described as a library which offers an API to access secure communication protocols. These protocols provide privacy over insecure lines, and were designed to prevent eavesdropping, tampering, or message forgery.

Homepage: http://www.gnu.org/software/gnutls/

Read More…

Seamonkey security update

Posted by Rodrigo Bistolfi at Nov 17, 2008 06:49 AM |

A new Seamonkey 1.1.13 for VL 5.8, 5.9, 5.9.1 and the 6.0 alpha releases is available. This is a security patch and bugfix release. If you are running seamonkey 1.1.12 or earlier you probably should upgrade to this package. As soon as we have adequate testing reports it will be moved to the patches repository assuming all is well.

  • Package: seamonkey-1.1.13-i586-1vl58.tlz
  • MD5: f6d447096d4e20e0f226f1c9e1772af3
  • Package Size: 18.51 MB
  • Installed Size: 75.79 MB
  • Package: seamonkey-1.1.13-i586-1vl59.tlz
  • MD5: bcaf63d39a9d3581f8188690bbc7e9b0
  • Package Size: 18.20 MB
  • Installed Size: 74.34 MB
  • Package: seamonkey-1.1.13-i586-1vl60.tlz
  • MD5: f7729b55e143106d251ca11e04026eb7
  • Package Size: 18.07 MB
  • Installed Size: 74.25 MB

Sources: http://vectorlinux.osuosl.org/veclinux-5.8/source/testing/net/seamonkey
Sources: http://vectorlinux.osuosl.org/veclinux-5.9/source/testing/net/seamonkey
Sources: http://vectorlinux.osuosl.org/veclinux-6.0/source/testing/net/seamonkey

SeaMonkey (an open-source web browser suite)

The SeaMonkey browser suite. SeaMonkey features a state-of-the-art web browser and powerful email client, as well as a WYSIWYG web page composer and a feature-rich IRC chat client. For web developers, mozilla.org's DOM inspector and JavaScript debugger tools are included as well.

Visit the SeaMonkey project at this URL:
http://www.seamonkey-project.org/

Read More…

Firefox security upgrade

Posted by Rodrigo Bistolfi at Sep 26, 2008 11:20 AM |
Filed under: Security

A new package of Mozilla Firefox is available to solve security issues. Those who are still running the 2.x versions and want to use the latest browser from the Mozilla Foundation will need to uninstall it before installing this package. Please note that the language packs are not available yet.

mozilla-firefox (Mozilla Firefox Web browser) This project is a redesign of the Mozilla browser component written using the XUL user interface language. Firefox empowers you to browse faster, more safely and more efficiently than with any other browser. Visit the Mozilla Firefox project online: http://www.mozilla.org/projects/firefox/

Read More…

Python security upgrade

Posted by Rodrigo Bistolfi at Sep 26, 2008 11:18 AM |
Filed under: Security

A new python package is available to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144

Python is an interpreted, interactive, object-oriented programming language that combines remarkable power with very clear syntax. Python's basic power can be extended with your own modules written in C or C++. Python is also adaptable as an extension language for existing applications.

Read More…

Seamonkey security upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:18 AM |
Filed under: Security

A security and bugfix update.

release notes:
http://www.seamonkey-project.org/releases/seamonkey1.1.12/
security fixes:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey1.1.12

SeaMonkey (an open-source web browser suite) The SeaMonkey browser suite. SeaMonkey features a state-of-the-art web browser and powerful email client, as well as a WYSIWYG web page composer and a feature-rich IRC chat client. For web developers, mozilla.org's DOM inspector and JavaScript debugger tools are included as well. Visit the SeaMonkey project at this URL: http://www.mozilla.org/projects/seamonkey/

Read More…

Link-grammar (Abiword plugin) security upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:15 AM |
Filed under: Security

The version of link-grammar provided on the VL 5.9 Standard iso contains a security vulnerability that could result in a buffe r overflow when parsing long words (CVE 2007-5395). link-grammar is used by Abiword plugins. If you have Abiword plugins ins talled on any version of VL 5.9 you probably should upgrade your link-grammar package.
link-grammar 4.3.8, the latest version, is now available in the testing repository.

Read More…

Xine-lib security upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:13 AM |
Filed under: Security

A vulnerability exists in xine-lib-1.1.14 which could allow a DoS via corrupted Ogg files (CVE-2008-3231) and possibly buffer overflows.
A new package for xine-lib-1.1.15 is in the testing repository for veclinux-current (VL 6.0) and has been in patches for VL 5. 9 for some time now. Both are available via gslapt or slapt-get.

Read More…

Libxslt security upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:10 AM |
Filed under: Security

New libxslt package is available for VL 5.9 to fix a security issue.

More details about the issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767

Quote from: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.363199 A buffer overflow when processing XSL stylesheets could result in the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 libxslt (XML transformation library) XSLT support for libxml2. (XSLT is a language used for transforming XML documents)

Read More…

Net-snmp security upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:08 AM |
Filed under: Security

New net-snmp package is available for VL 5.9 to fix security issues.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292

Quote from: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.388995 A vulnerability was discovered where an attacked could spoof an authenticated SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was found that could be exploited if an application using the net-snmp perl modules connects to a malicious server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
net-snmp (Simple Network Management Protocol tools) Various tools relating to the Simple Network Management Protocol: An extensible agent An SNMP library Tools to request or set information from SNMP agents Tools to generate and handle SNMP traps A version of the unix 'netstat' command using SNMP A graphical Perl/Tk/SNMP based mib browser

Read More…

OpenSSH upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:05 AM |
Filed under: Security

New openssh package is available for VL 5.9 to match the openssl upgrade.

openssh (Secure Shell daemon and clients) ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. sshd (SSH Daemon) is the daemon program for ssh. OpenSSH is based on the last free version of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a homepage at http://www.openssh.com/

Read More…

OpenSSL security update

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:03 AM |
Filed under: Security

New openssl packages are available for VL 5.9 to fix security issues. More details about this issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672

Be sure slapt-get or gslapt installs openssl-solibs and the new openssh as well, or your secure shell will not work!

openssl (Secure Sockets Layer toolkit) The OpenSSL certificate management tool and the shared libraries that provide various encryption and decryption algorithms and protocols. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

openssl-solibs (OpenSSL shared libraries) These shared libraries provide encryption routines required by programs such as openssh. They are also used by KDE's Konqueror web browser to provide secure web connections. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

Read More…

Pcre security upgrade

Posted by Rodrigo Bistolfi at Sep 25, 2008 11:00 AM |
Filed under: Security

A new pcre package is available for VL 5.9 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

Quote from: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484

Tavis Ormandy of the Google Security Team found a buffer overflow triggered when handling certain regular expressions. This could lead to a crash or possible execution of code as the user of the PCRE-linked application. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
pcre (Perl-compatible regular expression library) The PCRE library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5, with just a few differences (documented in the man page). The PCRE library is used by KDE's Konqueror browser.

Read More…

Document Actions