Slackware 12.1 Advisory - 2008-210-04 Critical Links Proxy Threat

slackware

July 29, 2008

New links packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix a security issue when using proxies

Summary

Here are the details from the Slackware 12.1 ChangeLog: patches/packages/links-2.1-i486-1_slack12.1.tgz: Upgraded to links-2.1. Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." For more information, see: https://www.cve.org/CVERecord?id=CVE-2008-3329 (* Security fix *)

Topics Covered

security advisory security issue critical software update Slackware links proxy threat

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/links-2.1-i486-1_slack11.0.tgz
Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/links-2.1-i486-1_slack12.0.tgz
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/links-2.1-i486-1_slack12.1.tgz
Updated package for Slackware -current:

MD5 Signatures

Slackware 11.0 package: 938eccef79b71343d4e2f13ef4454450 links-2.1-i486-1_slack11.0.tgz
Slackware 12.0 package: 0207e7720de54574ef773a0e1f3a35e8 links-2.1-i486-1_slack12.0.tgz
Slackware 12.1 package: 343b0f3f6b33d1097faafa66c777651b links-2.1-i486-1_slack12.1.tgz
Slackware -current package: f137305bc4c7ea5fd0670760b10d653d links-2.1-i486-1.tgz

Severity

critical

Lowest

Low

Medium

High

Critical

Topics Covered

security advisory security issue critical software update Slackware links proxy threat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg links-2.1-i486-1_slack12.1.tgz

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 12.1 Advisory - 2008-210-04 Critical Links Proxy Threat

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 12.1 Advisory - 2008-210-04 Critical Links Proxy Threat

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!