Mayday mayday mayday! - glibc, Slackware 12
Seems that building glibc for Slack12 (I know its oldie), due to latest security hole, is gonna be quite painful.
At first I still cant find patches or even sources for 2.5 branch. Maybe I wasnt looking in the right place or maybe there is a way to upgrade Slack12 to the supported branch ? Does anyone know ? |
Back up the files you want to keep, and install a more recent Slackware version, preferably 14.1 if your hardware can handle it, but at least 13.0 as older versions won't be patched any more. The more recent version you install, the longer it will be supported.
|
Debian and Ubuntu might have patches for 2.5 but yes, patches will be few. You could ask the glibc developers as well.
|
Quote:
|
There's also the option of trying to harden the system. It would take some work, but hardening the system might help. Might not help much, but if you can't upgrade for any specific reason, it's your best shot.
It's an older topic, but it should translate enough for 12.x http://www.linuxquestions.org/questi...-guide-299708/ |
Quote:
Though, it would be quicker and easier IMHO to backup your configuration files and local data and do a 14.1 install. Both may sound painful but you will save yourself from trouble next time there is a major issue. |
Where do you guys look for glibc patches (source code) ?
I was looking at this location http://ftp.gnu.org/gnu/glibc/ but there are no patches. Only releases. |
|
Quote:
https://news.ycombinator.com/item?id=8953545 The original patch was applied to glibc 2.17 for upgrading to 2.18 It might well work on other versions of glibc. Comment out ('#' in column 1) the parts about updating the ChangeLog and the NEWS files. https://sourceware.org/git/?p=glibc....53bf9a4926845d Click on "patch" |
Hi, thank you all for your answers.
I probably was not clear enough with my last post. If you look at the patch repository for Slackweare12 for glibc: http://mirrors.slackware.com/slackwa.../source/glibc/ then you can find there glibc patches/diffs itself. Eg: Code:
glibc.CVE-2010-3847.diff.gz Does anyone know the location diff/patche files for glibc ? |
Quote:
http://www.gnu.org/software/libc/development.html Good luck. |
Um... You probably might want to stick to Google on that searching "glibc-2.5.x patches" or similar. If anything, Debian's, Slackware's, and maybe Gentoo might be the best places to look. Older LinuxFromScratch books might be useful also.
If anything, you might want to research the glibc hardening patches as well for 2.5.x if any still exist. These patches are high security patches that aim to prevent security issues. They aren't always 100%, but for your case, it might help. Be sure to test the patch first before editing the Slackbuild and redraft the diff as needed. Kompare from KDE is useful for this. |
All times are GMT -5. The time now is 06:26 AM. |