You are currently browsing the archives for posts tagged as Slackware.

Slackware Security Update: sudo

Posted: 22 Jun 2005 | Tags: Linux, Slackware, Software | Comments: 3

There’s a security update for the sudo package in recent Slackware versions. This includes 8.1, 9.0, 9.1, 10.0, 10.1 and current. A race condition could allow a user with sudo privileges to run arbitrary commands. Details are as follows:

Here are the details from the Slackware 10.1 ChangeLog:
+————————–+
patches/packages/sudo-1.6.8p9-i486-1.tgz: Upgraded to sudo-1.6.8p9.
This new version of Sudo fixes a race condition in command pathname handling that could allow a user with Sudo privileges to run arbitrary commands.
For full details, see the Sudo site:
http://www.courtesan.com/sudo/alerts/path_race.html
(* Security fix *)
+————————–+

You can use the Slackware package browser to obtain an updated version of this package for your Slackware installation. Lazier and smarter people like me will use updating tools such as Swaret or slapt-get :)

x86-64 Slackware Clone Released

Posted: 15 Jun 2005 | Tags: Distros, Linux, Slackware | Comments: 2

As read on Slashdot, a distro for x86-64 (AMD64) based on Slackware known as Slamd64 has been released.

Its versioning number seems to be following the current release for Slackware; 10.1. I’d assume that it uses the same packages as Slackware but rebuilt for the x86-64 architecture.

Slackware Updates

Posted: 14 May 2005 | Tags: Slackware, Software | Comments: 5

New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version.

Here are the details from the Slackware 10.1 ChangeLog:

+————————–+
patches/packages/gaim-1.3.0-i486-1.tgz: Upgraded to gaim-1.3.0. This fixes a
few bugs which could be used by a remote attacker to annoy a GAIM user by
crashing GAIM and creating a denial of service.
(* Security fix *)
+————————–+

For others like me, who uses Slackware-current, the long awaited upgrade of glibc to include NPTL support is finally over! Read the Slackware-current changelog for more information. However, it will take a while for all mirrors to synch… so be patient.

You can upgrade necessary packages by manually downloading the packages. Or use automated updating tools such as Swaret or slapt-get.

PAGE 5 of 51...2345