Get the LinuxSecurity news you want faster with RSS
Powered By
Slackware: 'cvs' Multiple vulnerabilities
Posted by LinuxSecurity.com Team
Patched to link to the shared zlib on the system instead of statically linking to the included zlib source. Also, use mktemp to create files in /tmp files more safely.
Date: Mon, 11 Mar 2002 18:31:37 -0800 (PST)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] cvs recompiled against updated zlib + /tmp fix
New cvs packages are available to fix security problems.
Here's the information from the Slackware 8.0 ChangeLog:
----------------------------
Mon Mar 11 17:54:12 PST 2002
patches/packages/cvs.tgz: Patched to link to the shared zlib on the system
instead of statically linking to the included zlib source. Also, use mktemp
to create files in /tmp files more safely.
(* Security fix *)
----------------------------
WHERE TO FIND THE NEW PACKAGE:
------------------------------
Updated cvs package for Slackware 7.1:
ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/cvs.tgz
Updated cvs package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/cvs.tgz
MD5 SIGNATURE:
--------------
Here is the md5sum for the package:
Slackware 7.1:
03dab4f6898e34033e379d7ef706c21f cvs.tgz
Slackware 8.0:
6758d0f323e9ebbd9aa1272c6c9dc482 cvs.tgz
INSTALLATION INSTRUCTIONS:
--------------------------
As root, upgrade to the new cvs.tgz package:
# upgradepkg cvs.tgz
Remember, it's also a good idea to backup configuration files before
upgrading packages.
- Slackware Linux Security Team
http://www.slackware.com
