BSD libc DNS Lookup Buffer Overflow Vuln - Who's open?
[link|http://online.securityfocus.com/bid/5100/info/|SecurityFocus] lists this one. The claims to vulnerability or otherwise are scattered. SF has RH listed v. 5.2 - current, CERT has RH as "unknown", and discussion elsewhere suggests that Olaf Kirch's glibc rewrite got RH off the hook. Red Hat's own [link|http://rhn.redhat.com/errata/rh73-errata-security.html|security page] has no mention.
Anyone got the poop?
--
Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]
[link|http://kmself.home.netcom.com/|[link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]]
What part of "gestalt" don't you understand?
Keep software free. Oppose the CBDTPA. Kill S.2048 dead.
[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/...a_alert.html]]