Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-28 09:59:53 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/patches/source/aaa_base
History
Patrick J Volkerding c9881ad979 Tue Feb 15 20:00:48 UTC 2022 
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz:  Rebuilt.
  If root's mailbox did not already exist, it would be created with insecure
  permissions leading to possible local information disclosure. This update
  ensures that a new mailbox will be created with proper permissions and
  ownership, and corrects the permissions on an existing mailbox if they are
  found to be incorrect. Thanks to Martin for the bug report.
  (* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes a security issue in chsh(1) and chfn(8):
  By default, these utilities had been linked with libreadline, which allows
  the INPUTRC environment variable to be abused to produce an error message
  containing data from an arbitrary file. So, don't link these utilities with
  libreadline as it does not use secure_getenv() (or a similar concept), or
  sanitize the config file path to avoid vulnerabilities that could occur in
  set-user-ID or set-group-ID programs.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
  (* Security fix *)
2022-02-16 13:29:58 +01:00
..
aaa_base.SlackBuild Tue Feb 15 20:00:48 UTC 2022 2022-02-16 13:29:58 +01:00
current-release.inactive Tue Feb 15 20:00:48 UTC 2022 2022-02-16 13:29:58 +01:00
os-release Tue Feb 15 20:00:48 UTC 2022 2022-02-16 13:29:58 +01:00
slack-desc Tue Feb 15 20:00:48 UTC 2022 2022-02-16 13:29:58 +01:00
slackware-version Tue Feb 15 20:00:48 UTC 2022 2022-02-16 13:29:58 +01:00