Fedora Legacy Test Update Notification: slocate
Jesse Keating
jkeating at j2solutions.net
Thu Feb 5 06:21:58 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2004-1230
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1232
2004-02-04
- ---------------------------------------------------------------------
Name : slocate
Version 7.2 : 2.7-1.7.2
Version 7.3 : 2.7-1.7.3
Version 8.0 : 2.7-1.8.0
Summary : Finds files on a system via a central database.
Description :
Slocate is a security-enhanced version of locate. Just like locate,
slocate searches through a central database (which is updated nightly)
for files that match a given pattern. Slocate allows you to quickly
find files anywhere on your system.
- ---------------------------------------------------------------------
Update Information:
CAN-2003-0848:
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other
versions, may allow local users to gain privileges via a modified slocate
database that causes a negative "pathlen" value to be used.
- ---------------------------------------------------------------------
Changelog:
* Wed Feb 04 2004 Jesse Keating <jkeating at j2solutions.net>
- - 2.x.x.legacy
- - fixed package version, pushing to updates.
- - fixed URL
* Thu Jan 22 2004 Michael Schwendt <mschwendt[AT]users.sf.net>
- - Fix automake regeneration (adds buildreq autoconf,automake).
- - Clear buildroot at beginning of %install.
- - Copyright->License, Prereq->Requires(pre,preun).
* Wed Jan 21 2004 Mark Cox <mjc at redhat.com>
- - drop privs for non slocate gid databases (CAN-2003-0848)
- - update to 2.7
- ---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedoralegacy.org/redhat/
(sha1sums)
50b9bf61a1c6066c2c0671cb9c38a18f07c9e5fa
7.2/updates-testing/SRPMS/slocate-2.7-1.7.2.legacy.src.rpm
47b001b499d89b75a8bad2dafb884d9c393c1e9a
7.2/updates-testing/i386/slocate-2.7-1.7.2.legacy.i386.rpm
b3654ebce54ae26617f2f18457fa9731542971ab
7.3/updates-testing/SRPMS/slocate-2.7-1.7.3.legacy.src.rpm
eae25387e00a671974e0c43aa5b7f478dd04636f
7.3/updates-testing/i386/slocate-2.7-1.7.3.legacy.i386.rpm
b2238d14cec50187139883c34265c905b8495109
8.0/updates-testing/SRPMS/slocate-2.7-1.8.0.legacy.src.rpm
a22d3b45922b0123a0ca9035dd9f66093d63651d
8.0/updates-testing/i386/slocate-2.7-1.8.0.legacy.i386.rpm
- ---------------------------------------------------------------------
Notes:
This is an upgrade rather than a backport. Many bugfixes between 2.6 and
2.7, very very little changes externally. RHEL 2.1 also updated rather
than backported. Tests well.
Please test and comment in bugzilla.
- --
Jesse Keating RHCE (http://geek.j2solutions.net)
Fedora Legacy Team (http://www.fedoralegacy.org)
Mondo DevTeam (www.mondorescue.org)
GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAIeEG4v2HLvE71NURAnsGAJ9repVII+pukj652Bk2VRpIjWs0cwCgpaCh
WvaN6N9pDYMXYGOihr3NVHk=
=nghA
-----END PGP SIGNATURE-----
More information about the fedora-legacy-list
mailing list