Slackware-13.0 ChangeLog (2010-10-20) [Lotar's Wiki]

slackware changelog slackware-13.0 2010-10news:2010:10:20:slackware-13.0-changelog

patches/packages/glibc-2.9-i486-4_slack13.0.txz
Patched “dynamic linker expands $ORIGIN in setuid library search path”.
This security issue allows a local attacker to gain root if they can create
a hard link to a setuid root binary. Thanks to Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://seclists.org/fulldisclosure/2010/Oct/257
(* Security fix *)
patches/packages/glibc-i18n-2.9-i486-4_slack13.0.txz
patches/packages/glibc-profile-2.9-i486-4_slack13.0.txz
patches/packages/glibc-solibs-2.9-i486-4_slack13.0.txz
patches/packages/glibc-zoneinfo-2.9-noarch-4_slack13.0.txz

patches/packages/mozilla-firefox-3.6.11-i686-1.txz
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)

slackware, changelog, slackware-13.0, 2010-10

news/2010/10/20/slackware-13.0-changelog.txt
Last modified: 6 months ago
by Giuseppe Di Terlizzi