> From: Curt Seeliger <[EMAIL PROTECTED]>
> 
> Folks,
> 
> If a security patch is required for the C library, this seems to imply
> that all applications compiled against the library require
> recompilation.  


No, that's the benefit of dynamically linked (aka shared libraries)
executables.  You don't need to recompile everything in this case.
You would need to recompile anything that was statically linked, but I
doubt you have any statically linked binaries.


> Am I mistaken, or do I have a whole lotta work ahead of
> me?



> Second, since I'm running 6.2, I'm looking for the appropriate patches
> (I've only seen them for 7.0).  Is there some reason why 6.2 would be
> unpatched -- is it, as far as the vulnerabilities fixed by these
> pathces go, more secure than 7.0?


I suspect, but don't know for certain, that the changes they made
between glibc 2.1 and 2.2 introduced this bug (remember, adding new
features also adds new bugs :-) so it's not a problem with RH 6.2
(although there was a recent glibc update for RedHat 6.2 that you may
want).  See your favorite mirror of ftp://updates.redhat.com/6.2/i386


Dave



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to