mirror of
git://slackware.nl/current.git
synced 2025-01-14 08:01:11 +01:00
4657194ae3
Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
extra/llvm-17.0.6-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/cryfs-0.10.3-x86_64-5_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/cups-filters-1.28.17-x86_64-2_slack15.0.txz: Rebuilt.
Mitigate security issue that could lead to a denial of service or
the execution of arbitrary code.
Rebuilt with --with-browseremoteprotocols=none to disable incoming
connections, since this daemon has been shown to be insecure. If you
actually use cups-browsed, be sure to install the new
/etc/cups/cups-browsed.conf.new containing this line:
BrowseRemoteProtocols none
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-47176
(* Security fix *)
patches/packages/espeak-ng-1.50-x86_64-4_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/libvncserver-0.9.13-x86_64-4_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/marisa-0.2.6-x86_64-5_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/mlt-7.4.0-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/mozilla-firefox-115.16.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.16.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-48
https://www.cve.org/CVERecord?id=CVE-2024-9392
https://www.cve.org/CVERecord?id=CVE-2024-9393
https://www.cve.org/CVERecord?id=CVE-2024-9394
https://www.cve.org/CVERecord?id=CVE-2024-9401
(* Security fix *)
patches/packages/openobex-1.7.2-x86_64-6_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/pkgtools-15.0-noarch-44_slack15.0.txz: Rebuilt.
makepkg: when looking for ELF objects with --remove-rpaths or
--remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
of the directory or filename.
Also warn about /tmp rpaths after the package is built.
patches/packages/spirv-llvm-translator-13.0.0-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
testing/packages/llvm-18.1.8-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
29 lines
955 B
Diff
29 lines
955 B
Diff
--- smb.conf.default.orig 2017-01-11 01:55:14.000000000 -0600
|
|
+++ smb.conf.default 2017-03-23 14:18:05.114503416 -0500
|
|
@@ -22,7 +22,7 @@
|
|
#======================= Global Settings =====================================
|
|
[global]
|
|
|
|
-# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
|
|
+# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
|
|
workgroup = MYGROUP
|
|
|
|
# server string is the equivalent of the NT Description field
|
|
@@ -52,7 +52,7 @@
|
|
|
|
# this tells Samba to use a separate log file for each machine
|
|
# that connects
|
|
- log file = /usr/local/samba/var/log.%m
|
|
+ log file = /var/log/samba.%m
|
|
|
|
# Put a capping on the size of the log files (in Kb).
|
|
max log size = 50
|
|
@@ -136,7 +136,7 @@
|
|
# specifically define each individual printer
|
|
[printers]
|
|
comment = All Printers
|
|
- path = /usr/spool/samba
|
|
+ path = /var/spool/samba
|
|
browseable = no
|
|
# Set public = yes to allow user 'guest account' to print
|
|
guest ok = no
|