30 Aug
2014
30 Aug
'14
14:41
On Fri, Aug 29, 2014 at 11:28:28AM -0400, James Rome wrote:
Is 13.1 vulnerable to the glibc vulnerability:
http://seclists.org/fulldisclosure/2014/Aug/69 http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edi... https://access.redhat.com/solutions/1176253
If so, when is a patch coming? Do all the compiled programs using glibc have to be recompiled?
A patch will be coming.
No need for rebuild.
AFIAK this is only exploitable locally, not remotely? Thus only limited danger.