marnix_lfs at mkaart.net
Wed Jun 11 00:52:13 PDT 2003
On Monday 02 June 2003 00:03, Dagmar d'Surreal wrote:
> ..and more to the point, here's an annotated diff that people should
> start applying to glibc. It was assembled directly from the components
> listed in CERT Advisory CA-2003-10. Since glibc-2.3.2 is not vulnerable
> to this, if you are currently building using the current CVS tree of
> LFS, you don't need to worry about it. Everyone else using any version
> of glibc previous to 2.3.2 (2.3.1, 2.2.5, etc) should apply this patch
> to their glibc sources and rebuild to eliminate the vulnerability from
> their system.
I am planning to apply the patch and recompile glibc (2.3.1), but I'm not sure
wether it is safe. In other words: will recompiling glibc break my system?
And how about dependencies, do I need to worry about other packages stopping
to work after glibc has been patched? Finally, can I just use the lfs (4.1)
instructions from chapter 6 for this?
Reg. Linux User #267495 http://counter.li.org
Reg. LFS User #5496 http://linuxfromscratch.org
() ascii ribbon campaign - against html mail
/\ - against proprietary formats
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message
More information about the lfs-security