This is an old revision of the document!
Slackware-13.0 ChangeLog (2010-10-20)
Wed Oct 20 21:54:05 UTC 2010
Packages
Rebuilt
- patches/packages/glibc-2.9-i486-4_slack13.0.txz
Patched “dynamic linker expands $ORIGIN in setuid library search path”.
This security issue allows a local attacker to gain root if they can create
a hard link to a setuid root binary. Thanks to Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://seclists.org/fulldisclosure/2010/Oct/257
(* Security fix *) - patches/packages/glibc-i18n-2.9-i486-4_slack13.0.txz
- patches/packages/glibc-profile-2.9-i486-4_slack13.0.txz
- patches/packages/glibc-solibs-2.9-i486-4_slack13.0.txz
- patches/packages/glibc-zoneinfo-2.9-noarch-4_slack13.0.txz
Upgraded
- patches/packages/mozilla-firefox-3.6.11-i686-1.txz
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)