Please support VectorLinux!

Author Topic: 090227 wicd-1.5.9 closes known security vulnerability [VL 5.9]  (Read 2615 times)

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works
090227 wicd-1.5.9 closes known security vulnerability [VL 5.9]
« on: February 26, 2009, 09:33:03 pm »
A security vulnerability in wicd-1.5.8 and earlier "allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials."  This vulnerability affects the wicd packages installed from the extra repository for VL 5.9 and VL 5.9.1.  The final releases of VL 6.0 Standard and Deluxe already include the new version and are not vulnerabile.

See:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0489
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.384360

A new wicd package is available in the VL 5.9 testing repository.  It will be moved to extra as soon as we have adequate user testing.
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1