[SATLUG] glibc GHOST vulnerability - older glibc patches available?
david.salisbury at momentumweb.com
Fri Jan 30 11:27:42 CST 2015
Has anybody heard yet if GNU will be patching older versions of glibc,
like they did with bash re: shellshock, in light of this recently
published glibc vulnerability (http://www.kb.cert.org/vuls/id/967332)?
I've got a particular older box that can't easily be upgraded with
packages and needs to be patched manually.
The original patch that fixed things in the modern glibc version line
back in 2013 can be found here:
But there are lots of changes to the affected files over the years that
would have to be added and those changes could obviously affect other
things related to older glibc if things outside the digits_dots.c file
I wonder if there's a simple patch that has been/could be done to the
__nss_hostname_digits_dots() function for older glibc versions??
More information about the SATLUG