Slackware-12.2 ChangeLog (2012-04-23)
Mon Apr 23 18:18:31 UTC 2012
Packages
Upgraded
- patches/packages/openssl-0.9.8v-i486-1_slack12.2.tgz
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley agl@chromium.org for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *) - patches/packages/openssl-solibs-0.9.8v-i486-1_slack12.2.tgz
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley agl@chromium.org for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *) - extra/wicd/wicd-1.7.2.1-i486-1_slack12.2.tgz
This fixes a local privilege escalation that allows a user to set arbitrary
pre/post-connection scripts through D-Bus which are then executed as the
wicd user (generally root).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2095
Thanks to dapal for the workaround allowing us to skip the pybabel
requirement (for now), and to Robby Workman for the script update.
(* Security fix *)