[16675] in bugtraq
Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so,
daemon@ATHENA.MIT.EDU (Roman Drahtmueller)
Sat Sep 9 02:29:31 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT
Message-Id: <Pine.LNX.4.21.0009090145340.28586-100000@dent.suse.de>
Date: Sat, 9 Sep 2000 02:48:11 +0200
Reply-To: Roman Drahtmueller <draht@SUSE.DE>
From: Roman Drahtmueller <draht@SUSE.DE>
X-To: Jim Knoble <jmknoble@jmknoble.cx>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000908122854.B12324@ntrnet.net>
> What about the compatibility glibc libraries under Red Hat Linux 6.x:
>
> $ cat /etc/redhat-release
> Red Hat Linux release 6.2 (Zoot)
> $ rpm -qa |fgrep compat |fgrep libc
> compat-glibc-5.2-2.0.7.2
> $
>
> Are they vulnerable? Will a fix be released? Do any other
> distributions have such compatibility libraries?
SuSE distributions after (including) Version 6.0 came with libc-5.4.4? for
optional backward compatibility if binaries from older Linux distributions
need the good old libc5. As of today, libc5 is not known to be affected by
the recently discovered locale-related bugs.
SuSE distributions come with binaries linked only against _one_ single
libc/glibc version. (.1.)
***
Compatibility libraries between glibc-2.0 and glibc-2.1 based versions of
SuSE are not provided for stability reasons.
***
SuSE-5.3 came with a package named `shlibs6' (in series a1) to enable the
execution of glibc-2.0-linked programs. This library may be affected by
the recently discovered errors, whereas SuSE-5.3 packages do not depend on
this library, though, as stated in (.1.). Please remove the package using
the command 'rpm -e shlibs6' if you do not need it. There is no update
package for shlibs6 in SuSE-5.3, support for shlibs6/SuSE-5.3 has been
discontinued for stability reasons.
brief overview:
SuSE Kernel libc optional (not
version version version required) libraries
---------------------------------------------------------------------
5.3 2.0 libc-5.4 (glibc-1) libc-6.0 (glibc-2.0)
6.0 2.0 libc-6.0 (glibc-2.0) libc-5.4 (glibc-1)
6.1 2.2 libc-6.0 (glibc-2.0) libc-5.4 (glibc-1)
6.2 2.2 libc-6.1 (glibc-2.1) libc-5.4 (glibc-1)
6.3 % % %
6.4 % % %
7.0 % % %
Thanks,
Roman.
--
- -
| Roman Drahtm|ller <draht@suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| N|rnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -