|
From: | Paolo Bonzini |
Subject: | [Help-smalltalk] Re: [Patch]State of CVE-2009-3736 |
Date: | Thu, 24 Jun 2010 19:02:15 +0200 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.10) Gecko/20100621 Fedora/3.0.5-1.fc13 Lightning/1.0b2pre Thunderbird/3.0.5 |
On 06/24/2010 06:51 PM, Jochen Schmitt wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hallo, on March 2010 I have introduced a patch to gnu-smalltalk-3.1-8 to fix the security issue CVE-2009-3736. Unfortunately, I'm not uptodate of the upstream integration of fixing this securiy issue. Therfore I will ask, if this issue is fix on gnu-smalltalk-3.2.
Yes, it is fixed. However, with 3.2 you can also simply configure --with-system-libltdl (I suppose you're already using system libffi and libsigsegv) and drop the Fedora-specific patch.
Thanks! Paolo
[Prev in Thread] | Current Thread | [Next in Thread] |