[Slackbuilds-users] Concerning: [slackware-security] pidgin (SSA:2012-195-02)
black_rider at esdebian.org
Sun Jul 15 10:49:52 UTC 2012
I keep an eye on the following sites to know of software
There are times when vulnerabilities are not quickly addressed in SBo,
because it takes time to update/approve the new updates in the
repository. However, I must sincerely declare that I use over 50
SlackBuilded packages and they rarely have brought a meaningful security
hole to my system.
El Sat, 14 Jul 2012 14:48:31 -0700
"Bradley D. Thornton" <Bradley at NorthTech.US> escribió:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
> On 07/14/2012 11:49 AM, Slackware Security Team wrote:
> > [slackware-security] pidgin (SSA:2012-195-02)
> > New pidgin packages are available for Slackware 12.2, 13.0, 13.1,
> > 13.37, and -current to fix security issues.
> Something that I had thought about bringing up in the past but always
> ended up not being addressed due to other 'things' I needed to do...
> Anyway, I was taken aback for a second when I got the email above, but
> only for a second. I had to think to myself, "Is Pidgin Mainline
> Slack? Oh yeah, it is.", that's why I'm getting the alert.
> But there are plenty of SBo's that we don't get any sort of security
> notification on, and while it is prudent to follow the security lists
> for any such app that you install, I think that with regards to SBo's
> most of us don't follow the upstream devs security announcement lists.
> Has there been any discussion on SBo providing links or any sort of
> distribution of security news or announcements for SBo's supported
> IOW, once an SBo, say 'htop' goes mainline Slack, then security issues
> for that app are monitored by the Slackware team and we receive
> announcements via the Slackware Security list or via a tail of the
> So it may be a good thing if we had something like that here at SBo
> for announcements concerning SlackBuilds that are carried here.
> Kindest regards,
> - --
> Bradley D. Thornton
> Manager Network Services
> NorthTech Computer
> TEL: +1.310.388.9469 (US)
> TEL: +44.203.318.2755 (UK)
> TEL: +41.43.508.05.10 (CH)
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Find this cert at x-hkp://pool.sks-keyservers.net
> -----END PGP SIGNATURE-----
My GPG keys are available in various keyservers. To retrieve the one
used for signing this mesage, use "gpg --keyserver hkp://keys.gnupg.net
--recv-keys 0x6D0B9F27" under GNU/Linux.
Windows rises the cost of your computer up to a 20%. Don't let them
pull your leg! Use free operating systems. See the websites of Knoppix,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 230 bytes
Desc: not available
More information about the SlackBuilds-users