Slack Linux Fans

Discussions About Slackware and Linux


[A-4621] New on ARMedslack-stable

Slack Linux Fans :: Admin :: Announcements

View previous topic View next topic Go down

[A-4621] New on ARMedslack-stable

Post  Oncle Jean on Wed Apr 25, 2012 4:59 pm

Tue Apr 24 19:52:36 UTC 2012

extra/wicd/wicd-1.7.2.1-arm-1.tgz: Upgraded.
This fixes a local privilege escalation that allows a user to set arbitrary pre/post-connection scripts through D-Bus which are then executed as the wicd user (generally root).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2095
Thanks to dapal for the workaround allowing us to skip the pybabel requirement (for now), and to Robby Workman for the script update.
(* Security fix *)
patches/packages/openssl-0.9.8v-arm-1_slack13.37.tgz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
patches/packages/openssl-solibs-0.9.8v-arm-1_slack13.37.tgz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)

ftp://ftp.armedslack.org/armedslack/armedslack-13.37/ChangeLog.txt

_________________
Oncle Jean

- Newsletter
http://tech.groups.yahoo.com/group/slack_linux_fans/

Oncle Jean
Admin

Posts: 8332
Join date: 2009-10-24
Age: 53
Location: Québec

http://slacklinux.darkbb.com

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

Slack Linux Fans :: Admin :: Announcements

Permissions in this forum:
You cannot reply to topics in this forum