[opensuse-security] glibc vulneranbility
Is 13.1 vulnerable to the glibc vulnerability: http://seclists.org/fulldisclosure/2014/Aug/69 http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edi... https://access.redhat.com/solutions/1176253 If so, when is a patch coming? Do all the compiled programs using glibc have to be recompiled? -- James A. Rome http://jamesrome.net -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
On Fri, Aug 29, 2014 at 11:28:28AM -0400, James Rome wrote:
Is 13.1 vulnerable to the glibc vulnerability:
http://seclists.org/fulldisclosure/2014/Aug/69 http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edi... https://access.redhat.com/solutions/1176253
If so, when is a patch coming? Do all the compiled programs using glibc have to be recompiled?
A patch will be coming. No need for rebuild. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
On Fri, Aug 29, 2014 at 11:28:28AM -0400, James Rome wrote:
Is 13.1 vulnerable to the glibc vulnerability:
http://seclists.org/fulldisclosure/2014/Aug/69 http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edi... https://access.redhat.com/solutions/1176253
If so, when is a patch coming? Do all the compiled programs using glibc have to be recompiled?
A patch will be coming.
No need for rebuild.
AFIAK this is only exploitable locally, not remotely? Thus only limited danger.
participants (3)
-
James Rome -
Marcus Meissner -
pinguin74