LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 23, 2012

Subtle interactions in the embedded world - what bugs can teach us

Handset cohabitation: Ubuntu for Android

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Thursday's security updates

[Posted January 26, 2012 by jake]

Fedora has updated rubygem-actionpack (F15; F16: cross-site scripting).

Oracle has updated kernel (OL6: privilege escalation) and kernel-uek (OL5; OL6: privilege escalation and improved CVE-2010-2962 fix).

Scientific Linux has updated kernel (SL6: privilege escalation), glibc (SL6: multiple vulnerabilities), openssl (SL6: multiple vulnerabilities), t1lib (SL6: multiple vulnerabilities), and qemu-kvm (SL6: privilege escalation).

SUSE has updated java-1_4_2-ibm (SLE 10 SP4: multiple vulnerabilities).

Ubuntu has updated evince (code execution), linux-lts-backport-oneiric (privilege escalation), icu (code execution), and xorg (access restriction bypass).

(Log in to post comments)

Thursday's security updates

Posted Jan 27, 2012 2:46 UTC (Fri) by swsnyder (subscriber, #3913) [Link]

Scientific Linux has updated [...] glibc (SL6: multiple vulnerabilities), openssl (SL6: multiple vulnerabilities), t1lib (SL6: multiple vulnerabilities), and qemu-kvm (SL6: privilege escalation).

And meanwhile the sleepy folks at CentOS rest undisturbed.

GLibC and OpenSSL? Pffft! Who uses those?

Thursday's security updates

Posted Jan 27, 2012 3:07 UTC (Fri) by rahulsundaram (subscriber, #21946) [Link]

Apparently Slackware is lagging behind as well.

https://lwn.net/Articles/476963/#Comments

Atleast the CentOS lag is well known at this point.

Thursday's security updates

Posted Jan 27, 2012 17:02 UTC (Fri) by bobsol (subscriber, #54641) [Link]

No patches to Slackware since Nov. 27. I am a long time user and the patches usually flow with some regularity. I am concerned. Below is a listing of patches to 13.37 with mtimes.

yasm-1.2.0-i486-1_slack13.37.txz                   27-Nov-2011 03:31  442K
mozilla-thunderbird-3.1.16-i486-1_slack13.37.txz   26-Nov-2011 00:48  8.8M
seamonkey-solibs-2.5-i486-1_slack13.37.txz         25-Nov-2011 22:39  1.9M
seamonkey-2.5-i486-1_slack13.37.txz                25-Nov-2011 22:39   20M
mozilla-firefox-8.0.1-i486-1_slack13.37.txz        24-Nov-2011 14:40   13M
make-3.82-i486-3_slack_13.37.txz                   22-Nov-2011 15:05  387K
bind-9.7.4_P1-i486-1_slack13.37.txz                16-Nov-2011 21:23  1.7M
glibc-zoneinfo-2011i_2011n-noarch-1.txz            11-Nov-2011 18:22  145K
openssh-5.9p1-i486-2_slack13.37.txz                08-Nov-2011 03:52  511K
file-5.09-i486-1_slack13.37.txz                    11-Oct-2011 03:32  215K
httpd-2.2.21-i486-1_slack13.37.txz                 11-Oct-2011 02:24  1.5M
php-5.3.8-i486-1_slack13.37.txz                    24-Aug-2011 01:04  5.2M
samba-3.5.10-i486-1_slack13.37.txz                 28-Jul-2011 21:33   16M
dhcpcd-5.2.12-i486-1_slack13.37.txz                28-Jul-2011 20:50   56K
libpng-1.4.8-i486-1_slack13.37.txz                 18-Jul-2011 19:40  521K
ghostscript-9.02-i486-1_slack13.37.txz             29-Jun-2011 18:05   11M
pidgin-2.9.0-i486-1_slack13.37.txz                 27-Jun-2011 20:32  7.0M
fetchmail-6.3.20-i486-1_slack13.37.txz             20-Jun-2011 00:44  570K
apr-util-1.3.12-i486-1_slack13.37.txz              25-May-2011 19:48  104K
apr-1.4.5-i486-1_slack13.37.txz                    25-May-2011 19:46  194K

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds