new vulnerability affects most gnu/Linux Systems
- Inicie sesión o regístrese para enviar comentarios
yes this new vulnerability
Its tru???
http://thehackernews.com/2015/01/ghost-linux-security-vulnerability27.html
that is a problem. but the news just after that one on the hacker news website is just as serious: "Taylor Swift's Twitter and Instagram Accounts Hacked" ..........
:)
wtfdic?
This is a very serious vulnerability.
"Using the exploit, an attacker is able to craft malicious emails that could automatically compromise a vulnerable server without the email even being opened, according to Amol Sarwate, director of engineering with Qualys."
I updated my system, of course.
Is this only applicable if you are running an email server then?
BTW, this vulnerability was fixed on May 21, 2013
(between the releases of glibc-2.17 and glibc-2.18). Unfortunately, it
was not recognized as a security threat; as a result, most stable and
long-term-support distributions were left exposed (and still are):
Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7,
Ubuntu 12.04, for example.
Can someone explain what part(s) of ones system needs to be patched? Thanks.
Just read it, please.
The update hasn't reached Trisquel 6 yet.
EDIT: Nvm, it has. packages.trisquel.info is outdated.
Thanks Trisquelian - I had done so. My system doesn't appear to have eglibc installed and was simply seeking confirmation in case I was missing something.
glibc is provided in Debian-based systems by the libc6 package. (This is due to historical reasons; for some time, a fork of glibc called "Linux libc" was used in GNU/Linux distros, and that fork's most recent version was 5.)
Every GNU/Linux installation includes glibc. It's a basic component of the OS.
Thanks for the clarification.
It really annoys me when people say "Linux is affected by Ghost", I mean, since when is glibc part of a kernel?
- Inicie sesión o regístrese para enviar comentarios