And just subscribe to the slackware-security mailing list, you will receive all needed information in a timely manner for each security fix: availability of the packages, details of a ChangeLog, where to find the packages for all versions in concern, md5 signatures and installation instructions.
|
Quote:
|
Is the only thing required to fix GHOST to upgrade glibc? Just this then - glibc-2.17-x86_64-10_slack14.1.txz?
|
Quote:
if x86_64 is your arch then you'll want the 5 following files... - glibc-2.17-x86_64-10_slack14.1.txz - glibc-i18n-2.17-x86_64-10_slack14.1.txz - glibc-profile-2.17-x86_64-10_slack14.1.txz - glibc-solibs-2.17-x86_64-10_slack14.1.txz - glibc-zoneinfo-2014j-noarch-1.txz |
multilib fix to ghost
if you're using a multilib setup you'll still need patches for that as well
Can anyone else confirm? |
How about recompiling some of my stuff? Bind, Apache, etc. They're ok? How do I check if named is statically linked or dynamically linked against glibc? Is it possible to statically link against glibc?
|
On my installation of 14.1, named and apache are both dynamically linked, which is the default for much of the installation. You can use the readelf utility to find out what libraries an elf binary is dynamically linked against:
Code:
readelf -d /usr/sbin/named |
Quote:
|
Quote:
severe (at least as far as we know) because of the potential for arbitrary code exec and the identification of at least one remote vector. --mancha |
OK. Thanks for your reply. And thank you very much for all your efforts. I very much appreciate your work with Slackware security issues.
|
samba
Quote:
https://download.samba.org/pub/samba...4.1.17.tar.asc |
bind
Quote:
ftp://ftp.isc.org/isc/bind9/9.9.7/bind-9.9.7.tar.gz.asc |
I am running glibc 2.19 on one of my machines. What backported patches and in which order should I apply them to issue all security issues?
Sorry again, found this: [*]glibc 2.19 Code:
# 2014-05: We'll try building with the stock asm.. |
Update 20150302
|
20150318
|
All times are GMT -5. The time now is 07:29 AM. |