Slackware-13.1 ChangeLog (2012-08-30)
Thu Aug 30 23:35:53 UTC 2012
Packages
Rebuilt
- patches/packages/glibc-2.11.1-i486-7_slack13.1.txz
Patched multiple integer overflows in the strtod, strtof, strtold, and
strtod_l functions in stdlib in the GNU C Library allow local users to
cause a denial of service (application crash) and possibly execute
arbitrary code via a long string, which triggers a stack-based buffer
overflow.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480
(* Security fix *) - patches/packages/glibc-i18n-2.11.1-i486-7_slack13.1.txz
- patches/packages/glibc-profile-2.11.1-i486-7_slack13.1.txz
- patches/packages/glibc-solibs-2.11.1-i486-7_slack13.1.txz
- patches/packages/glibc-zoneinfo-2.11.1-noarch-7_slack13.1.txz
- patches/packages/slocate-3.1-i486-4_slack13.1.txz
Patched to use lstat64 and -D_LARGEFILE64_SOURCE. Thanks to Mancha+.
Patched to fix information leak of filenames in protected directories.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227
(* Security fix *)