[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] libc resolver issue
- Subject: Re: [cobalt-security] libc resolver issue
- From: John Bailey <support@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 3 Jul 2002 12:44:32 +0100 (BST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> libresolv is the culprit. This is uglier than your standard BIND
> patchfest.
According the the advisory, libbind and libc are both vulnerable.
Fortunatly, glibc 2.1.3 (which is what's installed on the RaQ3 I just
looked at) isn't vulnerable[1], so it looks like libresolv is o.k.,
leaving just libbind. Anyone know off-hand what's linked to this? It
appears to be a static library ... *sigh*
Regards,
John
[1] http://www.kb.cert.org/vuls/id/AAMN-5BMSW2