[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] libc resolver issue
- Subject: Re: [cobalt-security] libc resolver issue
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Wed, 3 Jul 2002 16:15:30 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
CB> Date: Wed, 3 Jul 2002 13:35:21 +0100
CB> From: Chris Burton
CB> Doing that is all well and good, but you must not forget
CB> about the other software that is linked staticaly with the
CB> affected library itself. On the reports I have seen this
CB> includes sendmail etc... so this is another "zlib style"
CB> security problem. Thats not fixed by a simple update of one
CB> "main" package.
cd /usr/src
wget ftp://some.host.tld/path/to/resolv.patch
patch < resolv.patch
make world
Woops, wrong operating system. ;-)
I'm sure that people are sick of my BSD slant... but, as someone
who runs multiple OSes, I enjoy comparing and contrasting them.
IMHO, BSD-style OS rebuilds are _much_ easier.
(Yes, I omitted the need to rebuild each "port" package. That's
not much more difficult.)
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.