[A-1292] New on ARMedslack-stable

Oncle Jean on Fri Oct 22, 2010 5:16 pm

Fri Oct 22 05:57:02 UTC 2010

patches/packages/glibc-2.11.1-arm-6_slack13.1.tgz: Rebuilt.
Patched "dynamic linker expands $ORIGIN in setuid library search path".
This security issue allows a local attacker to gain root if they can create
a hard link to a setuid root binary. Thanks to Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://seclists.org/fulldisclosure/2010/Oct/257
(* Security fix *)
patches/packages/glibc-i18n-2.11.1-arm-6_slack13.1.tgz: Rebuilt.
patches/packages/glibc-profile-2.11.1-arm-6_slack13.1.tgz: Rebuilt.
patches/packages/glibc-solibs-2.11.1-arm-6_slack13.1.tgz: Rebuilt.
patches/packages/glibc-zoneinfo-2.11.1-noarch-6_slack13.1.tgz: Rebuilt.
patches/packages/mozilla-firefox-3.6.11-armv5t-1_slack13.1.tgz: Upgraded.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)
patches/packages/mozilla-thunderbird-3.0.9-armv5t-1_slack13.1.tgz: Upgraded.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html
(* Security fix *)

ftp://ftp.armedslack.org/armedslack/armedslack-13.1/ChangeLog.txt