User: Password:
Subscribe / Log in / New account



Posted Apr 10, 2009 23:57 UTC (Fri) by Justin_Samuel (guest, #57967)
In reply to: Attacks on package managers by Alan_Hicks
Parent article: Attacks on package managers

We apologize for looking at the wrong tool and want to thank you for correcting us. When we did our initial work over a year ago, we incorrectly concluded that slaktool was the primary package manager. This is something we clearly should have discovered and corrected when reexamining package managers.

We have examined slackpkg and have sent a list of important security vulnerabilities to the Slackware security team. We'll wait a little while to make the specifics public but the security flaws are impactful, easy to exploit, and in the same vein as the issues we've mentioned for other package management tools.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds