-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2004-1230 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1232 2004-02-04 - --------------------------------------------------------------------- Name : slocate Version 7.2 : 2.7-1.7.2 Version 7.3 : 2.7-1.7.3 Version 8.0 : 2.7-1.8.0 Summary : Finds files on a system via a central database. Description : Slocate is a security-enhanced version of locate. Just like locate, slocate searches through a central database (which is updated nightly) for files that match a given pattern. Slocate allows you to quickly find files anywhere on your system. - --------------------------------------------------------------------- Update Information: CAN-2003-0848: Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used. - --------------------------------------------------------------------- Changelog: * Wed Feb 04 2004 Jesse Keating <jkeating@xxxxxxxxxxxxxxx> - - 2.x.x.legacy - - fixed package version, pushing to updates. - - fixed URL * Thu Jan 22 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - - Fix automake regeneration (adds buildreq autoconf,automake). - - Clear buildroot at beginning of %install. - - Copyright->License, Prereq->Requires(pre,preun). * Wed Jan 21 2004 Mark Cox <mjc@xxxxxxxxxx> - - drop privs for non slocate gid databases (CAN-2003-0848) - - update to 2.7 - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ (sha1sums) 50b9bf61a1c6066c2c0671cb9c38a18f07c9e5fa 7.2/updates-testing/SRPMS/slocate-2.7-1.7.2.legacy.src.rpm 47b001b499d89b75a8bad2dafb884d9c393c1e9a 7.2/updates-testing/i386/slocate-2.7-1.7.2.legacy.i386.rpm b3654ebce54ae26617f2f18457fa9731542971ab 7.3/updates-testing/SRPMS/slocate-2.7-1.7.3.legacy.src.rpm eae25387e00a671974e0c43aa5b7f478dd04636f 7.3/updates-testing/i386/slocate-2.7-1.7.3.legacy.i386.rpm b2238d14cec50187139883c34265c905b8495109 8.0/updates-testing/SRPMS/slocate-2.7-1.8.0.legacy.src.rpm a22d3b45922b0123a0ca9035dd9f66093d63651d 8.0/updates-testing/i386/slocate-2.7-1.8.0.legacy.i386.rpm - --------------------------------------------------------------------- Notes: This is an upgrade rather than a backport. Many bugfixes between 2.6 and 2.7, very very little changes externally. RHEL 2.1 also updated rather than backported. Tests well. Please test and comment in bugzilla. - -- Jesse Keating RHCE (http://geek.j2solutions.net) Fedora Legacy Team (http://www.fedoralegacy.org) Mondo DevTeam (www.mondorescue.org) GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAIeEG4v2HLvE71NURAnsGAJ9repVII+pukj652Bk2VRpIjWs0cwCgpaCh WvaN6N9pDYMXYGOihr3NVHk= =nghA -----END PGP SIGNATURE-----
