Alien Pastures

My thoughts on Slackware, life and everything

Tag: glibc (Page 3 of 4)

Another glibc multilib update

October 29, 2010 / / 7 Comments

Barely a week has passed, and we have yet another local root hole in glibc that needed patching. The Slackware ChangeLog said it like this:

a/glibc-solibs-2.12.1-x86_64-3.txz: Rebuilt.
Patched “The GNU C library dynamic linker will dlopen arbitrary DSOs
during setuid loads.” This security issue allows a local attacker to
gain root by specifying an unsafe DSO in the library search path to be
used with a setuid binary in LD_AUDIT mode.
Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
http://seclists.org/fulldisclosure/2010/Oct/344
(* Security fix *)

Of course, I was out of town for a few days when this happened, so it took a little longer to build updated multilib versions for glibc.

But… they are available now for your 64-bit Slackware 13.0, 13.1 and -current. Grab them here: http://slackware.com/~alien/multilib/. If you need guidance, read the README or better even, check out the Wiki page on Slackware multilib.

I hope this is the last hole for a while, it sucks having to rebuild all of this.

Mirrors: http://taper.alienbase.nl/mirrors/people/alien/multilib/ and http://slackware.org.uk/people/alien/multilib/.

Eric

New multilib glibc packages fix local root hole

October 21, 2010 / / 15 Comments

New glibc packages for Slackware arrived on the mirrors last night. They close a serious local root hole. From the ChangeLog:

Patched “dynamic linker expands $ORIGIN in setuid library search path”.
This security issue allows a local attacker to gain root if they can create
a hard link to a setuid root binary.  Thanks to Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://seclists.org/fulldisclosure/2010/Oct/257
(* Security fix *)

I have already created new multilib versions of the updated glibc packages for Slackware64-current, get them here: http://slackware.com/~alien/multilib/current/ or mirrored here: http://taper.alienbase.nl/mirrors/people/alien/multilib/current/ and here: http://slackware.org.uk/people/alien/multilib/current/.

When I return from work, I will also create I have also created updates to my multilib glibc packages for Slackware64 13.0 and 13.1. Stay posted, I will write a note in the comments section of this article.

Eric

New multilib packages for 64-bit Slackware-current

October 13, 2010 / / 7 Comments

As you may have noticed already, there are interesting updates in the Slackware ChangeLog.txt !

A new kernel, and new glibc plus gcc packages means there has to be an updated set of multilib packages too or else you bunch of hybrid lovers would be left out in the cold.

Well actually there is an update to my multilib packages too! . The http://slackware.com/~alien/multilib/current/ is a new directory with goodies for your consumption.

For installation/upgrade instructions see the multilib README or even better, read my Wiki article at http://alien.slackbook.org/dokuwiki/doku.php?id=slackware:multilib (which has not yet been updated with package versions for slackware64-current, but that will change soon).

In the slackware64-compat32 subdirectory I added the set of packages which have been generated by the massconvert32.sh script, i.e. that directory contains all the support libraries you need (along with my gcc/glibc and compat32-tools packages) to turn your Slackware64-current into a multilib system.

Good luck! Eric

PS:

Fast mirror at http://taper.alienbase.nl/mirrors/people/alien/multilib/current/

Rsync access offered through rsync://taper.alienbase.nl/mirrors/people/alien/multilib/current/

New multilib gcc and glibc coming up for Slackware 13.1 RC1

May 14, 2010 / / 9 Comments

Hi folks

As the Slackware ChangeLog states:

Fri May 14 19:37:13 UTC 2010
Good hello! We will call this update Slackware 13.1 RC1. With this, the
kernel, compiler, and glibc versions are “golden”, and everything is
pretty much ready to release. Last call for bug reports…

I’m in the process of building the multilib versions of the new gcc and the recompiled glibc packages which entered Slackware-current today. Pat Volkerding caught me with this update while I was on holiday, so I did not have the time to prepare packages before.

In the meantime, if you are running Slackware64-current and using my multilib gcc/glibc , then you can just update to the latest -current excluding Slackware’s non-multilib gcc and glibc. My updated packages will be available tomorrow.

Cheers, Eric

EDIT 15-may-2010:

I have uploaded the multilib versions of glibc and gcc for Slackware 13.1 here: http://slackware.com/~alien/multilib/13.1/. A detailed multilib setup HOWTO for Slackware is here: http://alien.slackbook.org/dokuwiki/doku.php?id=slackware:multilib

Bleeding at the edges again?

January 5, 2010 / / 4 Comments

… Ok, ok, it is not so bad actually! Au contraire!

Slackware Linux development made a big leap today, when Pat Volkerding updated the distro’s “vital organs” of kernel, glibc and gcc. The “dull” phase of the slackware-current development cycle is over hopefully, and it’s back to the bleeding edge.

To be fair, gcc 4.4.2 has been sitting in “testing” area for quite a while now, and we think it is time to promote it into the core. With glibc 2.11.1 we are pushing it, as this is the most recent stable release, and the 2.6.32.2 kernel was much-anticipated by those who run -current on their computers.

Note that the new kernel has full support for EFI (the Extensible Firmware Interface which is going to be the replacement for the ageing BIOS on modern computers). This means that there is also support for GPT partitions. GUID Partition Table is a standard for the layout of the partition table on a physical hard disk (part of the EFI specification and meant to overcome the 2 TB size limitation of MBR partitions). We still have to look into updating the Slackware installer for automatic GPT partition recognition, but you will be able to use GPT partitions if you do some footwork yourself before running “setup”.

With this update to Slackware’s vitals, the stage is set for further tweaks of the core, but I think that for now, you will have plenty to play with.

And as promised to those running the 64-bit version of Slackware-current, I have made available multilib versions of the new gcc and glibc packages! Thanks to Pat Volkerding who allowed me sufficient time to build and rebuild these packages on my old computer until they were just perfect (I hope) and could be released along with the Slackware originals.

You can get them here: http://slackware.com/~alien/multilib/13.1/ (I took the liberty of assuming that 13.1 will be the version of the next Slackware release, mainly because I needed to give that directory a name).

For detailed instructions about what multilib means to the 64-bit Slackware and how you can add it, read this wiki article: http://alien.slackbook.org/dokuwiki/doku.php?id=slackware:multilib

Have fun! Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑