Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

My Favourites

Slackware

Calendar

December 2014
M T W T F S S
« Nov    
1234567
891011121314
15161718192021
22232425262728
293031  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

Meta

Another glibc multilib update

Barely a week has passed, and we have yet another local root hole in glibc that needed patching. The Slackware ChangeLog said it like this:

a/glibc-solibs-2.12.1-x86_64-3.txz: Rebuilt.
Patched “The GNU C library dynamic linker will dlopen arbitrary DSOs
during setuid loads.” This security issue allows a local attacker to
gain root by specifying an unsafe DSO in the library search path to be
used with a setuid binary in LD_AUDIT mode.
Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes).
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856

http://seclists.org/fulldisclosure/2010/Oct/344

(* Security fix *)

Of course, I was out of town for a few days when this happened, so it took a little longer to build updated multilib versions for glibc.

But… they are available now for your 64-bit Slackware 13.0, 13.1 and -current. Grab them here: http://slackware.com/~alien/multilib/. If you need guidance, read the README or better even, check out the Wiki page on Slackware multilib.

I hope this is the last hole for a while, it sucks having to rebuild all of this.

Mirrors: http://taper.alienbase.nl/mirrors/people/alien/multilib/ and http://slackware.org.uk/people/alien/multilib/.

Eric

Comments

Comment from Nick Blizzard
Posted: October 30, 2010 at 00:18

Installed in 64-current with no issues. Thanks Eric.

Comment from mickski56
Posted: October 30, 2010 at 00:58

Good in 64_13.0. Thanks for maintaining this.

Comment from Igor
Posted: October 30, 2010 at 03:14

thanks for update multilib Eric.
done by:
./update-multilib.sh
upgradepkg *{,/*}.t?z
(debug)

Comment from Ken Shotswell
Posted: October 31, 2010 at 01:37

Eric,

Since the libwebkit-1.0.so.2.17.7 update I can no longer get the handbrake package to run. When you have a spare minute can you rebuild handbrake toy work with the new version of webkit?

Comment from alienbob
Posted: October 31, 2010 at 14:42

@Ken:
I have no problems running handbrake here. Do you see any errors when running the command “ghb” from the commandline?

Eric

Comment from Ken Shotswell
Posted: October 31, 2010 at 17:40

Eric,,

This is what I’m getting:

shotsy ~/Desktop $ ghb
ghb: error while loading shared libraries: libwebkit-1.0.so.2: cannot open shared object file: No such file or directory

when I run locate libwebkit I get this output:

/usr/lib/libwebkit-1.0.so.2.17.7
/usr/lib/libwebkit-1.0.la
/usr/lib/libwebkit-1.0.so.2
/usr/lib/libwebkit-1.0.so

and the ls -la

shotsy /usr/lib $ ls -la libwebkit*
-rwxr-xr-x 1 root root 2912 2010-10-15 18:05 libwebkit-1.0.la*
lrwxrwxrwx 1 root root 23 2010-10-16 07:41 libwebkit-1.0.so -> libwebkit-1.0.so.2.17.7*
lrwxrwxrwx 1 root root 23 2010-10-16 07:41 libwebkit-1.0.so.2 -> libwebkit-1.0.so.2.17.7*
-rwxr-xr-x 1 root root 14892688 2010-10-15 18:05 libwebkit-1.0.so.2.17.7*

Thanks for your help!

Ken

Comment from Ken Shotswell
Posted: October 31, 2010 at 18:02

Eric,

I figured it out, looks like I picked up some packages from somewhere else. I had to re download and apply

webkitgtk, icu4c, and lib soup from http://connie.slackware.com/~alien/slackbuilds/

now locate libwebkit returns:

shotsy /usr/lib $ locate libwebkit
/usr/lib64/libwebkit-1.0.la
/usr/lib64/libwebkit-1.0.so.2.17.7
/usr/lib64/libwebkit-1.0.so.2
/usr/lib64/libwebkit-1.0.so

Where I got the offending packages is beyond me, these are the repositories I have configure for slaptget:

SOURCE=http://slackware.mirrors.tds.net/pub/slackware/slackware64-current/
SOURCE=http://slackware.org.uk/people/alien/restricted_slackbuilds/
SOURCE=http://connie.slackware.com/~alien/slackbuilds/

# Sources for the testing, extra, and pasture areas – if you use them.
# SOURCE=ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/extra/:PREFERRED
# SOURCE=ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/testing/
# SOURCE=ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/pasture/
SOURCE=http://slackware.mirrors.tds.net/pub/slackware/slackware64-current/extra
SOURCE=http://taper.alienbase.nl/mirrors/slackware/slackware64-current/testing

and all is running again, Thanks

Ken

Write a comment