Slackware-13.0 ChangeLog (2012-04-23)

Mon Apr 23 18:18:31 UTC 2012

  • patches/packages/openssl-0.9.8v-i486-1_slack13.0.txz
    Fixes some potentially exploitable buffer overflows.
    Thanks to Tavis Ormandy, Google Security Team, for discovering this
    issue and to Adam Langley agl@chromium.org for fixing it.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
    (* Security fix *)
  • patches/packages/openssl-solibs-0.9.8v-i486-1_slack13.0.txz
    Fixes some potentially exploitable buffer overflows.
    Thanks to Tavis Ormandy, Google Security Team, for discovering this
    issue and to Adam Langley agl@chromium.org for fixing it.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
    (* Security fix *)
  • extra/wicd/wicd-1.7.2.1-i486-1_slack13.0.txz
    This fixes a local privilege escalation that allows a user to set arbitrary
    pre/post-connection scripts through D-Bus which are then executed as the
    wicd user (generally root).
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2095
    Thanks to dapal for the workaround allowing us to skip the pybabel
    requirement (for now), and to Robby Workman for the script update.
    (* Security fix *)
  • news/2012/04/23/slackware-13.0-changelog.txt
  • Last modified: 11 months ago
  • by Giuseppe Di Terlizzi