[2192] in bugtraq
Re: Final analysis of syslog threat under Linux
daemon@ATHENA.MIT.EDU (Jeff Uphoff)
Fri Sep 1 04:19:52 1995
Date: Wed, 30 Aug 1995 13:34:54 -0400
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
X-To: "A.Cox" <anarchy@thunder.swansea.linux.org.uk>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: Your message of Tue, August 29, 1995 23:12 BST
"AC" == A Cox <anarchy@thunder.swansea.linux.org.uk> writes:
AC> This problem affects most Linux (and probably most unix systems)
AC> and should be acted on immediately. Simply switching to libc4.7.2
AC> will adequately protect almost all users. Note that libc4.7.2 has
AC> some bugs but libc4.7.4 appears more correct. Even though the built
AC> libc4.7.4 is in hjl's private area it should be made available by
AC> all ftp sites ASAP.
I have made a copy of libc-4.7.4 publicly available, for now, in:
ftp://linux.nrao.edu/pub/linux/security/libc-4.7.4/
This version is, as Alan states, not currently a public release; it's
only available in H.J. Lu's "hidden" GCC development area on
tsx-11.mit.edu (and its mirrors, of which linux.nrao.edu is one).
H.J. has given his OK for this "pseudo-release."
--Up.
--
Jeff Uphoff - systems/network admin. | juphoff@nrao.edu
National Radio Astronomy Observatory | jeff.uphoff@linux.org
Charlottesville, VA, USA | http://linux.nrao.edu/~juphoff/
