Slackware-14.1 ChangeLog (2014-02-20)
Thu Feb 20 00:30:49 UTC 2014
Packages
Upgraded
- patches/packages/gnutls-3.1.21-i486-1_slack14.1.txz
This update fixes a flaw where a version 1 intermediate certificate would be
considered as a CA certificate by GnuTLS by default.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959
(* Security fix *) - patches/packages/mariadb-5.5.35-i486-1_slack14.1.txz
This update fixes a buffer overflow in the mysql command line client which
may allow malicious or compromised database servers to cause a denial of
service (crash) and possibly execute arbitrary code via a long server
version string.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
(* Security fix *)
Rebuilt
- patches/packages/shadow-4.1.5.1-i486-3_slack14.1.txz
Shadow 4.1.5 addressed a tty-hijacking vulnerability in “su -c”
(CVE-2005-4890) by detaching the controlling terminal in the non-PAM
case via a TIOCNOTTY request. Bi-directional protection is excessive
and breaks a commonly-used methods for privilege escalation on non-PAM
systems (e.g. xterm -e /bin/su -s /bin/bash -c /bin/bash myscript).
This update relaxes the restriction and only detaches the controlling
tty when the callee is not root (which is, after all, the threat vector).
Thanks to mancha for the patch (and the above information).