[Bsd-sharp-list] HEADS UP: Mono 1.1.13.8.1 security update and more
in FreeBSD tree.
Tom McLaughlin
tmclaugh at sdf.lonestar.org
Sat Oct 7 17:08:10 MDT 2006
I've just merged what I can out of the BSD# repo into the FreeBSD repo.
Mono 1.1.13.8.1 is a security update. From the commit.
Update to 1.1.13.8.1
- fix CVE-2006-5072:
Sebastian Krahmer of the SuSE security team discovered that the
System.CodeDom.Compiler classes used temporary files in an insecure
way. This could allow a symbolic link attack to create or overwrite
arbitrary files with the privileges of the user invoking the
program. Under some circumstances, a local attacker could also
exploit this to inject arbitrary code into running Mono processes.
vuxml id: 5a39a22e-5478-11db-8f1a-000a48049292
- Add USE_NANT to bsd.mono.mk for those ports I have hanging around
which require NANT to build.
Release notes:
- 1.1.13.8.1: http://go-mono.com/archive/1.1.13.8.1/
- 1.1.13.8: http://go-mono.com/archive/1.1.13.8/
In addition the following has also been updated:
bless -> 0.4.1_1,1
evolution-sharp -> 0.11.1
f-spot -> 0.2.1
gtk-sharp20 -> 2.8.2
muine -> 0.8.5
Tomboy 0.4.1 will be committed when Gnome 2.16 is merged.
tom
--
| tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org |
| FreeBSD http://www.FreeBSD.org |
| BSD# http://www.mono-project.com/Mono:FreeBSD |
More information about the Bsd-sharp-list
mailing list