Folks,
If a security patch is required for the C library, this seems to imply
that all applications compiled against the library require
recompilation. Am I mistaken, or do I have a whole lotta work ahead of
me?
Second, since I'm running 6.2, I'm looking for the appropriate patches
(I've only seen them for 7.0). Is there some reason why 6.2 would be
unpatched -- is it, as far as the vulnerabilities fixed by these
pathces go, more secure than 7.0?
Thanks for your feedback,
cur
----------
Red Hat: 'glibc' vulnerability - 1/11/2001
A couple of bugs in GNU C library 2.2 allow unpriviledged user to read restricted
files and preload libraries in /lib and /usr/lib
directories into SUID programs even if those libraries have not been marked as such by
system administrator.
ftp://updates.redhat.com/7.0/i386/glibc-2.2-12.i386.rpm
91b935bfb0d5fb43394d8557fe754bb4
ftp://updates.redhat.com/7.0/i386/glibc-common-2.2-12.i386.rpm
b1218c0c2b6f5bd1e161c3158d0418a5
ftp://updates.redhat.com/7.0/i386/glibc-devel-2.2-12.i386.rpm
0d0bc7d1cd31c548e474146a7cdfea51
ftp://updates.redhat.com/7.0/i386/glibc-profile-2.2-12.i386.rpm
9891a9d1967be619ca74a1de5d0b1f63
ftp://updates.redhat.com/7.0/i386/nscd-2.2-12.i386.rpm
d56ba6b8f82c92b9a872e7ee94c706a9
Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-1045.html
--
Curt Seeliger
OAO Corporation, EPA/WED contractor
541/754-4638
[EMAIL PROTECTED]
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
