Thursday, September 25, 2014

Two Security Advisories

There are two security advisories released today and you are advised to upgrade as soon as possible (don't worry, it won't cause problem as in iOS 8.0.1 update yesterday).

The first update is for bash which is known to be vulnerable due to how they handle environment variables. This bug affects many applications that uses bash scripts on their operations, namely httpd, ssh, dhclient, etc. This update is backported to all supported Slackware releases (13.0 to -current).

The second update is mozilla-nss which fixed the RSA Signature Forgery vulnerability. This update is applied only to Slackware 14.0 and newer