Hi,
From: Florian Weimer [EMAIL PROTECTED]
Subject: Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver
Libraries
Date: Fri, 05 Jul 2002 12:20:06 +0200
[EMAIL PROTECTED] writes:
Ah, I see your in-depth post on Bugtraq now (-;
http://msgs.securepoint.com/cgi-bin/get
[EMAIL PROTECTED] writes:
I see a claim that glibc isn't vulnerable at:
http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2
Any comments?
GNU libc in its current version does contain incorrect code from BIND
4.9. It is vulnerable, though not in the way initially described by
what the rest of summer
vacation has in store for us...
From: Florian Weimer
Subject: Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver
Libraries
Date: Thu, 04 Jul 2002 08:40:31 +0200
[EMAIL PROTECTED] writes:
I see a claim that glibc isn't vulnerable at:
http
[Trying again w/ an attempt to graft on to an existing thread.]
Hi,
I see a claim that glibc isn't vulnerable at:
http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2
Any comments?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
Hi,
I see a claim that glibc isn't vulnerable at:
http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2
Any comments?
(Sorry about breaking the thread -- I only just recently subscribed
and don't have the messages in this thread in my mailer)
--
To UNSUBSCRIBE, email to [EMAIL
On Mon, Jul 01, 2002 at 11:23:08 +0100, Sam Vilain wrote:
Does anyone know if this affects Debian?
This has been fixed; see http://bugs.debian.org/151342 for details.
HTH,
Ray
--
Gartner Group ?!? Never heard of them. What did they do in computing
except manage to put on their tie
J.H.M. Dassen (Ray) [EMAIL PROTECTED] wrote:
Does anyone know if this affects Debian?
This has been fixed; see http://bugs.debian.org/151342 for details.
Excellent. To summarise that bug report for the benefit of those
interested, if you are running any of the following packages:
bind9
On Mon, 1 Jul 2002 13:02:34 +0100
Sam Vilain [EMAIL PROTECTED] wrote:
J.H.M. Dassen (Ray) [EMAIL PROTECTED] wrote:
Does anyone know if this affects Debian?
This has been fixed; see http://bugs.debian.org/151342 for details.
Excellent. To summarise that bug report for the benefit of
-Original Message-
From: J.H.M. Dassen (Ray) [mailto:[EMAIL PROTECTED]
Sent: 01 July 2002 11:42
Cc: debian-security@lists.debian.org
Subject: Re: CERT Advisory CA-2002-19 Buffer Overflow in
Multiple DNS Resolver Libraries
On Mon, Jul 01, 2002 at 11:23:08 +0100, Sam Vilain wrote
On Mon, Jul 01, 2002 at 13:24:37 +0100, Jeff Armstrong wrote:
-Original Message-
From: J.H.M. Dassen (Ray) [mailto:[EMAIL PROTECTED]
This has been fixed; see http://bugs.debian.org/151342 for details.
I don't think this is 'fixed'?
Sam spoke of libisc4/libdns5 which exist only
-Original Message-
From: J.H.M. Dassen (Ray) [mailto:[EMAIL PROTECTED]
Sent: 01 July 2002 14:03
To: debian-security@lists.debian.org
Subject: Re: CERT Advisory CA-2002-19 Buffer Overflow in
Multiple DNS Resolver Libraries
On Mon, Jul 01, 2002 at 13:24:37 +0100, Jeff Armstrong
Jeff Armstrong [EMAIL PROTECTED] writes:
libc6 is indeed a big package and the Pine announcement seems rather
general, if we are lucky, Debians libresolv.so wont need an update.
I wouldn't count on it. But there aren't any updates in the GNU libc
CVS yet.
--
Florian Weimer
Jeff == Jeff Armstrong [EMAIL PROTECTED] writes:
[...]
Jeff libc6 is indeed a big package and the Pine announcement seems
Jeff rather general, if we are lucky, Debians libresolv.so wont need an
Jeff update.
The Pine announcement only mentions the libc from BSD-based systems,
which is different
Does anyone know if this affects Debian? Apologies if this is old hat.
Does it just need to be patched in libisc4/libdns5 ?
-BEGIN PGP SIGNED MESSAGE-
CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries
Original release date: June 28, 2002
Last revised
- The Matrix
- Original Message -
From: CERT Advisory cert-advisory@cert.org
To: cert-advisory@cert.org
Sent: Saturday, June 29, 2002 7:18 AM
Subject: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver
Libraries
-BEGIN PGP SIGNED MESSAGE-
CERT Advisory CA-2002-19
15 matches
Mail list logo