LinuxQuestions.org
Old 03-10-2017, 03:20 AM   #586
Thom1b
Member
 
Registered: Mar 2010
Location: France
Distribution: Slackware
Posts: 149

Rep: Reputation: 91
pidgin-2.12.0 fixes CVE-2017-2640


Hi,

I don't know if it's a critical security fix, but pidgin-2.12.0 has been released with a fix for CVE-2017-2640.
https://downloads.sourceforge.net/pr...2.12.0.tar.bz2

The full ChangeLog is here:
https://bitbucket.org/pidgin/www/src...docs/ChangeLog
 
1 members found this post helpful.
Old 03-23-2017, 04:39 AM   #587
Thom1b
Member
 
Registered: Mar 2010
Location: France
Distribution: Slackware
Posts: 149

Rep: Reputation: 91
samba-4.4.12: CVE-2017-2619

samba-4.4.12 is released with security fixes.
https://download.samba.org/pub/samba...-4.4.12.tar.gz
https://download.samba.org/pub/samba...4.4.12.tar.asc

Quote:
These are security releases in order to address the following defect:

o CVE-2017-2619 (Symlink race allows access outside share definition)

=======
Details
=======

o CVE-2017-2619:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.11 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file system not exported under the share definition.

Samba uses the realpath() system call to ensure when a client requests
access to a pathname that it is under the exported share path on the
server file system.

Clients that have write access to the exported part of the file system
via SMB1 unix extensions or NFS to create symlinks can race the server
by renaming a realpath() checked path and then creating a symlink. If
the client wins the race it can cause the server to access the new
symlink target after the exported share path check has been done. This
new symlink target can point to anywhere on the server file system.

This is a difficult race to win, but theoretically possible. Note that
the proof of concept code supplied wins the race reliably only when
the server is slowed down using the strace utility running on the
server. Exploitation of this bug has not been seen in the wild.


Changes:
--------

o Jeremy Allison <jra@samba.org>
* BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
directory.

o Ralph Boehme <slow@samba.org>
* BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share
directory.
 
2 members found this post helpful.
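
The race in the advisory quoted above exists because the realpath() check and the later open are two separate steps on a path string. The C code below is an added example, not part of the post and not the patch Samba shipped: it shows a general way to open a client path beneath a share root with no window between check and use. `open_beneath()` and `demo()` are hypothetical names, and the directory tree is constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Added example, not Samba code; open_beneath() is a hypothetical helper.
 * Walks rel one component at a time from rootfd. Each step is a single
 * openat() with O_NOFOLLOW, so a symlink planted at any moment makes
 * that step fail instead of redirecting the walk. Returns fd or -1. */
int open_beneath(int rootfd, const char *rel, int flags)
{
    char buf[4096], *save = NULL, *comp, *next;
    int dirfd, fd;
    if (strlen(rel) >= sizeof buf || (dirfd = dup(rootfd)) < 0) return -1;
    strcpy(buf, rel);
    for (comp = strtok_r(buf, "/", &save); comp; comp = next) {
        next = strtok_r(NULL, "/", &save);
        fd = strcmp(comp, "..") == 0 ? -1 :   /* never step upward */
             openat(dirfd, comp, O_NOFOLLOW | O_CLOEXEC |
                    (next ? O_RDONLY | O_DIRECTORY : flags));
        close(dirfd);
        if (fd < 0) return -1;
        dirfd = fd;   /* descend via the fd, never the path string */
    }
    return dirfd;
}

/* Constructed tree: <tmp>/share/ok.txt, <tmp>/secret.txt and two symlinks
 * leaving the share. Returns a bitmask of the requests that were opened. */
int demo(void)
{
    char tmp[] = "/tmp/shareXXXXXX", p[64];
    const char *req[] = { "ok.txt", "link", "dir/secret.txt", "../secret.txt" };
    int root, fd, i, mask = 0;
    if (!mkdtemp(tmp)) return -1;
    snprintf(p, sizeof p, "%s/share", tmp);
    if (mkdir(p, 0700) || (root = open(p, O_RDONLY | O_DIRECTORY)) < 0) return -1;
    close(openat(root, "ok.txt", O_CREAT | O_WRONLY, 0600));
    close(openat(root, "../secret.txt", O_CREAT | O_WRONLY, 0600));
    if (symlinkat("../secret.txt", root, "link") || symlinkat("..", root, "dir")) return -1;
    for (i = 0; i < 4; i++)
        if ((fd = open_beneath(root, req[i], O_RDONLY)) >= 0) { mask |= 1 << i; close(fd); }
    close(root);
    return mask;   /* only bit 0 (ok.txt) is set */
}

int main(void) { printf("opened mask = %d\n", demo()); return 0; }
```

The demo leaves its temporary directory under /tmp; remove it by hand after running.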
Old 03-23-2017, 11:49 AM   #588
Thom1b
Member
 
Registered: Mar 2010
Location: France
Distribution: Slackware
Posts: 149

Rep: Reputation: 91
mcabber-1.0.5 : This release fixes CVE-2017-5589.

mcabber-1.0.5 has been out since January with the CVE-2017-5589 security fix.
http://mcabber.com/files/mcabber-1.0.5.tar.bz2
http://mcabber.com/files/mcabber-1.0.5.tar.bz2.asc
 
2 members found this post helpful.
Old 03-23-2017, 04:41 PM   #589
Jeebizz
Senior Member
 
Registered: May 2004
Distribution: Slackware 14.2 64-bit with multilib
Posts: 2,310

Rep: Reputation: 613
wrong thread
 
Old 03-25-2017, 07:19 PM   #590
mats_b_tegner
Member
 
Registered: Nov 2009
Location: Gothenburg, Sweden
Distribution: Slackware64
Posts: 367

Rep: Reputation: 154
mariadb 10.0.30

MariaDB 10.0.30 fixes two CVEs
https://mariadb.com/kb/en/mariadb/ma...release-notes/
https://mariadb.com/kb/en/mariadb/ma...030-changelog/
http://cve.mitre.org/cgi-bin/cvename...=CVE-2017-3313
http://cve.mitre.org/cgi-bin/cvename...=CVE-2017-3302
 
2 members found this post helpful.
Old Yesterday, 08:51 AM   #591
cwizardone
Senior Member
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib." FreeBSD.
Posts: 3,327
Blog Entries: 1

Rep: Reputation: 752
CVE-2017-2636

CVE-2017-2636
http://www.zdnet.com/article/old-lin...ity-bug-bites/

I've searched this forum for a post on CVE-2017-2636, but didn't find one. OTOH, I could have missed it.

Seems to be quite serious and the module is present,
but not loaded, in the most recent -current kernel.

Quote:
filename: /lib/modules/4.4.38/kernel/drivers/tty/n_hdlc.ko
alias: tty-ldisc-13
author: Paul Fulghum paulkf@microgate.com
license: GPL
depends:
intree: Y
vermagic: 4.4.38 SMP mod_unload
parm: debuglevel:int
parm: maxframe:int

Last edited by cwizardone; Yesterday at 08:52 AM.
 
Old Yesterday, 02:24 PM   #592
mats_b_tegner
Member
 
Registered: Nov 2009
Location: Gothenburg, Sweden
Distribution: Slackware64
Posts: 367

Rep: Reputation: 154
Quote:
Originally Posted by cwizardone
CVE-2017-2636
http://www.zdnet.com/article/old-lin...ity-bug-bites/

I've searched this forum for a post on CVE-2017-2636, but didn't find one. OTOH, I could have missed it.

Seems to be quite serious and the module is present,
but not loaded, in the most recent -current kernel.

The fix is in kernel 4.4.54:
https://lkml.org/lkml/2017/3/14/1038
Quote:
Alexander Popov (1):
tty: n_hdlc: get rid of racy n_hdlc.tbuf

Edit: The fix is included in kernels 4.9.x and 4.10.x as well...

Last edited by mats_b_tegner; Today at 09:07 AM.
 
1 members found this post helpful.
Old Yesterday, 06:13 PM   #593
kjhambrick
Member
 
Registered: Jul 2005
Location: Round Rock, TX
Distribution: Slackware64 14.2 + Multilib
Posts: 779

Rep: Reputation: 274
cwizardone --

What mats_b_tegner said.

Plus ...

Here is an email from Alexander Popov about the bug fix:

Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc

HTH

-- kjh

P.S. I looked for myself and meant to add:

Code:
# grep CONFIG_N_HDLC  /boot/config

CONFIG_N_HDLC=m

Last edited by kjhambrick; Yesterday at 06:15 PM. Reason: p.s.
 
1 members found this post helpful.
Old Today, 12:02 AM   #594
cwizardone
Senior Member
 
Registered: Feb 2007
Distribution: Slackware64-current with "True Multilib." FreeBSD.
Posts: 3,327
Blog Entries: 1

Rep: Reputation: 752
@mats_b_tegner and kjhambrick,
Thanks for the information.
Guess I'll have to "roll my own" kernel.
Now, where did I put those instructions.

Last edited by cwizardone; Today at 12:05 AM.
 
  

