Tag: exploit (Page 2 of 2)

OpenJDK 7u6_b30 with IcedTea 2.3.1 fixes 0day exploit

August 30, 2012 / alienbob / 19 Comments

There is a 0-day (zero-day) exploit out for Java7 (both Oracle Java7 and OpenJDK 7).The attack is mounted through your web browser’s Java plugin.

People using Java6 are not affected by the exploit. This includes everybody who is running a stable version of Slackware. There is no more Java in slackware-current, except for a SlackBuild script which wraps the official Oracle Java7 binaries into a Slackware package. This would make your Java7 on slackware-current vulnerable.

People using OpenJDK7/icedtea-web are not vulnerable to a browser based attack since the icedtea-web browser plugin will prevent the privilege escalation. However, the OpenJDK 7u5_b21 package which I have is still flawed.

Unfortunately, Oracle is taking a long time to respond to this threat. Users of OpenJDK are better off. There was an update of the icedtea build framework. The new version 2.3.1 will build OpenJDK 7u6_b30 and that release has been patched for the exploit.

Get my packages (Slackware 13,37 and newer) for OpenJDK 7u6_b30 here:

http://slackware.com/~alien/slackbuilds/openjdk/ , the primary location (but slow)
http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/openjdk/ , my own fast mirror
Note that the slackware.org.uk mirror is no longer being updated with my stuff after verbal abuse from its operator. Remove that server from any of your scripts and use another mirror like taper.

You will find packages for icedtea-web (the mozilla-compatible brwoser plugin) too at those URLs, as well as the mandatory rhino package (the JavaScript engine). Without this, the OpenJDK will not work.

Notes:

You need to install either the JRE or the JDK package. Not both of them! If you are not a Java developer and never compile Java code, then you do not need the openjdk package and it will be sufficient to install the (much smaller) openjre package instead.
If you are migrating to OpenJDK after having used Oracle’s Java binaries, make sure that you have removed both “jre” and “jdk” packages. Run a command like “removepkg /var/log/packages/jdk-* ; removepkg /var/log/packages/jre-*” to get rid of both. Then install the openjdk or openjre package. Logout and log back in after this package removal/installation so that you will get the proper Java environment.
Test your java browser plugin online: http://javatester.org/version.html or http://www.java.com/en/download/testjava.jsp .

Good luck! Eric

Another glibc multilib update

October 29, 2010 / alienbob / 7 Comments

Barely a week has passed, and we have yet another local root hole in glibc that needed patching. The Slackware ChangeLog said it like this:

a/glibc-solibs-2.12.1-x86_64-3.txz: Rebuilt.
Patched “The GNU C library dynamic linker will dlopen arbitrary DSOs
during setuid loads.” This security issue allows a local attacker to
gain root by specifying an unsafe DSO in the library search path to be
used with a setuid binary in LD_AUDIT mode.
Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
http://seclists.org/fulldisclosure/2010/Oct/344
(* Security fix *)

Of course, I was out of town for a few days when this happened, so it took a little longer to build updated multilib versions for glibc.

But… they are available now for your 64-bit Slackware 13.0, 13.1 and -current. Grab them here: http://slackware.com/~alien/multilib/. If you need guidance, read the README or better even, check out the Wiki page on Slackware multilib.

I hope this is the last hole for a while, it sucks having to rebuild all of this.

Mirrors: http://taper.alienbase.nl/mirrors/people/alien/multilib/ and http://slackware.org.uk/people/alien/multilib/.

Eric

New multilib glibc packages fix local root hole

October 21, 2010 / alienbob / 15 Comments

New glibc packages for Slackware arrived on the mirrors last night. They close a serious local root hole. From the ChangeLog:

Patched “dynamic linker expands $ORIGIN in setuid library search path”.
This security issue allows a local attacker to gain root if they can create
a hard link to a setuid root binary. Thanks to Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://seclists.org/fulldisclosure/2010/Oct/257
(* Security fix *)

I have already created new multilib versions of the updated glibc packages for Slackware64-current, get them here: http://slackware.com/~alien/multilib/current/ or mirrored here: http://taper.alienbase.nl/mirrors/people/alien/multilib/current/ and here: http://slackware.org.uk/people/alien/multilib/current/.

When I return from work, I will also create I have also created updates to my multilib glibc packages for Slackware64 13.0 and 13.1. Stay posted, I will write a note in the comments section of this article.

Eric

May 2024
M	T	W	T	F	S	S
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

SlackBuilds.org changes for Sat, 04 May 2024 14:46:17 GMT
academic/Gridcoin-Research: Updated for version 5.4.8.0 academic/R: Updated for version 4.4.0. academic/bcftools academic/copasi: Updated for version 4.43.288. academic/fet: Updated for version 6.19.4. academic/pspp: Updated for version 2.0.1. academic/samtools:Upgrade to 1.20 academic/smath-studio: Updated for version 1.1.8763 academic/stellarsolver: Mark for x86_64 only. audio/ardour: Updated for version 8.6.0. audio/audacity: Updated for version 3.5.1. audio/openvino-plugins-ai-audacity: Added (AI-enabled effects, generators, and […]

Tag: exploit (Page 2 of 2)

OpenJDK 7u6_b30 with IcedTea 2.3.1 fixes 0day exploit

Another glibc multilib update

New multilib glibc packages fix local root hole

About this blog

Sponsoring

Categories

Subscribe to Blog via Email

My Favourites

Online me

Slackware

Calendar

slackbuilds

multilib

Slackware64-current

SBo

Meta

Top Posts & Pages

Recent posts

Recent comments