Slackware64-14.1 ChangeLog (2013-09-09)
Mon Sep 9 03:34:59 UTC 2013
Packages
Rebuilt
- a/lilo-24.0-x86_64-2.txz
Use os-prober to filter unbootable FAT/NTFS partitions from the list of
partitions that might contain a bootable Windows installation. - l/glibc-2.17-x86_64-6.txz
Patched to remove pt_chown. Thanks to mancha.
Note that while this patches CVE-2013-2207 (a local privilege escalation
vulnerability), the vulnerability depends upon insecure and non-default
settings (“user_allow_other” in /etc/fuse.conf) and the patch is not
trivial to port to older versions of glibc. For older versions, the
best approach is to not set that option in fuse.conf, as it likely opens
up other holes as well. Another approach to mitigate this is to make
pt_chown a symlink to /bin/true, as the kernel has handled chowning
pseudo terminals for a long time and pt_chown isn't needed at all. - n/bluez-4.99-x86_64-3.txz
Check executable status of rc.bluetooth before allowing a hotplugged
device to load modules and start bluetoothd.
Thanks to Robby Workman.
Upgraded
- d/perl-5.18.1-x86_64-1.txz
Upgraded to DBI-1.628. Added gettext-1.05. - d/subversion-1.7.13-x86_64-1.txz
This update fixes a local privilege escalation vulnerability via
symlink attack.
For more information, see:
http://subversion.apache.org/security/CVE-2013-4277-advisory.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4277
(* Security fix *) - x/xcb-util-0.3.9-x86_64-1.txz
This update bumps the shared library version, requiring some rebuilds.
Added
- a/os-prober-1.63-x86_64-1.txz
This is a simple tool that searches partitions for bootable operating
systems. It is useful for liloconfig to find Windows installations,
and is also required for grub2.