[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fsuk-manchester] GNU C Library getaddrinfo stack-based buffer overflow
From: |
Michael Dorrington |
Subject: |
[Fsuk-manchester] GNU C Library getaddrinfo stack-based buffer overflow |
Date: |
Thu, 18 Feb 2016 00:02:12 +0000 |
User-agent: |
Mozilla/5.0 (X11; Linux i686 on x86_64; rv:38.0) Gecko/20100101 Icedove/38.5.0 |
Thanks to Jonathan Davis and Simon Ward posting to the list about this
issue. Note this affects computers even if they are "clients" such as
desktops, laptops and so on. This is a very serious vulnerability but
the distros have release fixed packages so, as long as your distro is in
support, you should just need to install your distros updates and then
reboot. You should do this as soon as possible.
Useful links:
http://www.theregister.co.uk/2016/02/16/glibc_linux_dns_vulernability/
https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
Cheers,
M.
--
FSF member #9429
http://www.fsf.org/register_form?referrer=9429
http://www.fsf.org/about
"The Free Software Foundation (FSF) is a nonprofit with a worldwide
mission to promote computer user freedom and to defend the rights of all
free software users."
signature.asc
Description: OpenPGP digital signature
- [Fsuk-manchester] GNU C Library getaddrinfo stack-based buffer overflow,
Michael Dorrington <=