Slackware changelog May 3rd

Several updates were included in the -current tree recently, one notable change is a security fix to x11. This bug (which consists of a single missing bracket) would allow users to execute arbitrary code as root. It is suggested you upgrade your system, which can be done easily through swaret(my personal preference) or slapt-get.

Wed May 3 21:48:26 CDT 2006xap/mozilla-firefox-1.5.0.3-i686-1.tgz: Upgraded to firefox-1.5.0.3.
This upgrade fixes a crash bug that could possibly be used to
execute code as the Firefox user.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
+————————–+
Wed May 3 00:01:38 CDT 2006
a/smartmontools-5.36-i486-1.tgz: Upgraded to smartmontools-5.36.
Thanks to Jonathan Woithe for letting me know that newer 2.6.x kernels
need this version to properly support SMART with SATA drives.
l/libpng-1.2.10-i486-1.tgz: Upgraded to libpng-1.2.10.
n/rsync-2.6.8-i486-1.tgz: Upgraded to rsync-2.6.8.
tcl/tcl-8.4.13-i486-1.tgz: Upgraded to tcl-8.4.13.
tcl/tk-8.4.13-i486-1.tgz: Upgraded to tk-8.4.13.
x/x11-6.9.0-i486-4.tgz: Patched with x11r6.9.0-mitri.diff and recompiled.
A typo in the X render extension allows an X client to crash the server
and possibly to execute arbitrary code as the X server user (typically
this is "root".)
The CVE entry for this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526
The advisory from X.Org may be found here:
http://lists.freedesktop.org/archives/xorg/2006-May/015136.html
(* Security fix *)

x/x11-devel-6.9.0-i486-4.tgz: Patched and recompiled libXrender.
(* Security fix *)

Advertisements
This entry was posted in ChangeLogs, Security Updates. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s