LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

slackpkg

slackpkg

Posted Apr 10, 2009 23:57 UTC (Fri) by Justin_Samuel (guest, #57967)
In reply to: Attacks on package managers by Alan_Hicks
Parent article: Attacks on package managers

We apologize for looking at the wrong tool and want to thank you for correcting us. When we did our initial work over a year ago, we incorrectly concluded that slaktool was the primary package manager. This is something we clearly should have discovered and corrected when reexamining package managers.

We have examined slackpkg and have sent a list of important security vulnerabilities to the Slackware security team. We'll wait a little while to make the specifics public but the security flaws are impactful, easy to exploit, and in the same vein as the issues we've mentioned for other package management tools.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds