Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-13.0 ChangeLog (2009-08-18) ====== ====== Tue Aug 18 18:50:46 CDT 2009 ====== > Patched kernels and kernel packages for Linux 2.6.29.6 to address \\ a bug in proto_ops structures which could allow a user to use the \\ kernel sendpage operation to execute arbitrary code in page zero. \\ This could allow local users to gain escalated privileges. \\ This flaw was discovered by Tavis Ormandy and Julien Tinnes of the \\ Google Security Team. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 \\ In addition, these kernels change the CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR \\ kernel config option value to 4096, which should prevent the execution \\ of arbitrary code by future NULL dereference bugs that might be found \\ in the kernel. If you are compiling your own kernel, please check this \\ option in your .config. If it is set to =0, you may wish to edit it \\ to 4096 (or some other value > 0) and then reconfigure, or the kernel \\ will not have default protection against zero page attacks from \\ userspace. \\ (* Security fix *) ===== Packages ===== ==== Rebuilt ==== * [[slackware.13.0>a/kernel-firmware-2.6.29.6-noarch-2.txz]] * [[slackware.13.0>a/kernel-generic-2.6.29.6-i486-2.txz]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>a/kernel-generic-smp-2.6.29.6_smp-i686-2.txz]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>a/kernel-huge-2.6.29.6-i486-2.txz]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>a/kernel-huge-smp-2.6.29.6_smp-i686-2.txz]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>a/kernel-modules-2.6.29.6-i486-2.txz]] * [[slackware.13.0>a/kernel-modules-smp-2.6.29.6_smp-i686-2.txz]] * [[slackware.13.0>a/pkgtools-13.0-noarch-3.tgz]] \\ Fixed hardcoded gzip in installpkg --warn. Thanks to Mathieu Bouillaguet. \\ Fixed upgradepkg to reject invalid extensions. Thanks to Andrew Psaltis. * [[slackware.13.0>d/kernel-headers-2.6.29.6_smp-x86-2.txz]] * [[slackware.13.0>k/kernel-source-2.6.29.6_smp-noarch-2.txz]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>isolinux/initrd.img]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>kernels/*]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) * [[slackware.13.0>usb-and-pxe-installers/]] \\ Patched CVE-2009-2692, changed default vm.mmap_min_addr to 4096. \\ (* Security fix *) ==== Upgraded ==== * [[slackware.13.0>ap/foomatic-filters-4.0.2-i486-1.txz]] ==== Rebuilt. Get rid of hardlinked man pages ==== * [[slackware.13.0>l/libzip-0.9-i486-2.txz]] ==== Upgraded. Thanks to Stuart Winter ==== * [[slackware.13.0>n/pinentry-0.7.6-i486-1.txz]] ==== Added ==== * [[slackware.13.0>xap/x11-ssh-askpass-1.2.4.1-i486-1.txz]] \\ Thanks to Vincent Batts for the build script. \\ extra/linux-2.6.29.6-nosmp-sdk/: Regenerated SMP to no-SMP kernel source patch. {{tag>slackware changelog slackware-13.0 2009-08}} news/2009/08/18/slackware-13.0-changelog.txt Last modified: 6 months agoby Giuseppe Di Terlizzi Log In