Slack Linux Fans

Discussions About Slackware and Linux


[A-1325] New on ARMedslack-stable

Slack Linux Fans :: Admin :: Announcements

View previous topic View next topic Go down

[A-1325] New on ARMedslack-stable

Post  Oncle Jean on Fri Oct 29, 2010 4:04 pm

Fri Oct 29 17:07:04 UTC 2010

patches/packages/glibc-2.11.1-arm-7.tgz: Rebuilt.
Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads." This security issue allows a local attacker to gain root by specifying an unsafe DSO in the library search path to be used with a setuid binary in LD_AUDIT mode.
Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
http://seclists.org/fulldisclosure/2010/Oct/344
(* Security fix *)
patches/packages/glibc-i18n-2.11.1-arm-7.tgz: Rebuilt.
patches/packages/glibc-profile-2.11.1-arm-7.tgz: Rebuilt.
patches/packages/glibc-solibs-2.11.1-arm-7.tgz: Rebuilt.
(* Security fix *)
patches/packages/glibc-zoneinfo-2.11.1-noarch-7.tgz: Rebuilt.
Rebuilt to tzcode2010n and tzdata2010n.
patches/packages/mozilla-firefox-3.6.12-armv5t-1_slack13.1.tgz: Upgraded.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)

ftp://ftp.armedslack.org/armedslack/armedslack-13.1/ChangeLog.txt

_________________
Oncle Jean

- Newsletter
http://tech.groups.yahoo.com/group/slack_linux_fans/

Oncle Jean
Admin

Posts: 8333
Join date: 2009-10-24
Age: 53
Location: Québec

http://slacklinux.darkbb.com

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

Slack Linux Fans :: Admin :: Announcements

Permissions in this forum:
You cannot reply to topics in this forum