We’ve got one more security vulnerability to announce this morning. This one likely does not affect as many users, but it should require attention nonetheless.
Detail follow:
- Tim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user’s privileges.
You can apply this patch using the graphical Update Manager utility, or by running the following two commands from the Terminal:
sudo aptitude update
sudo aptitude safe-upgrade
In general, a standard system upgrade is sufficient to effect the necessary changes.
http://selinuxnews.org/planet/rss20.xml seems to pull the security tagged posts. Did you set this up, or did they? Could it be updated to use a selinux tag?
I did not set this up–this is news to me. I’ll see if I can get a hold of someone there and clear it up.