Slackware-13.0 ChangeLog (2009-06-27)

Fri Jun 26 22:06:58 CDT 2009

  • n/samba-3.2.13-i486-1.txz
    This upgrade fixes the following security issues:
    o CVE-2009-1888:
    In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
    data value can potentially affect access control when “dos filemode”
    is set to “yes”.
    o CVE-2009-1886:
    In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
    with file names treat user input as a format string to asprintf.
    With a maliciously crafted file name smbclient can be made
    to execute code triggered by the server.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886
    (* Security fix *)
  • xap/MPlayer-r29390-i486-1.txz
  • testing/packages/mesa-7.4.4-i486-1.txz
  • n/sendmail-8.14.3-i486-2.txz
    Fixed missing praliases. Thanks to Mark Post.
  • n/sendmail-cf-8.14.3-noarch-2.txz
  • news/2009/06/27/slackware-13.0-changelog.txt
  • Last modified: 5 months ago
  • by Giuseppe Di Terlizzi