Announcement

Collapse
No announcement yet.

Linux "GHOST" Vulnerability Hits Glibc Systems

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #31
    Originally posted by curaga View Post
    These exploits continue with excellent naming.
    Yeah, kind of makes me want to re-watch GitS

    Comment

    • #32
      Originally posted by nanonyme View Post
      Try also with just libc. Debian/Ubuntu camp is notorious in making up their own names instead of following upstream
      They maight be making up names of other libraries as well, because glib != glibc.

      Comment

      • #33
        Originally posted by duby229 View Post
        Gentoo is fantastic. I use it almost exclusively for my personal OS. But for the network I maintain I have been using Redhat. Specifically for situations just like this. It's nice to have that commercial support. I got the server images updated today, but I still have to deploy them. The thin clients and workstations I'm not too concerned about. I'm already working on a new image for the thin clients anyway, so I'll throw this fix in that image.
        Gentoo is brilliant. I'm using a derivative (Sabayon - because I'm too impatient to compile everything from scratch), but I use portage enough to see its influence.
        For anyone who hasn't tried it, it's like using Debian with stable, testing and sid enabled at once, but everything is pinned automatically and you can install any available version of a package, as opposed to one per repository. Also, the package manager is /very/ colourful.

        Comment

        • #34
          Originally posted by eydee View Post
          Why so sour? Why so serious? No able to recognize a joke but still not in jail or beaten up? This world is indeed cruel...
          What you did was not tell a joke, but try to spread lies to make people think Linux is insecure.

          Comment

          • #35
            Originally posted by stqn View Post
            What you did was not tell a joke, but try to spread lies to make people think Linux is insecure.
            There is no secure operating system which has drivers for modern hardware and can run modern software. Any such system is full of intentional and accidental security bugs like buffer overflows.
            System would be relatively secure only if it would be non-Windows and non-Unix without any legacy garbage.
            Last edited by JS987; 28 January 2015, 12:34 PM.

            Comment

            • #36
              I got my server images with this fix deployed last night. Everything went smoothly. Just by coincidence I discovered a bug that was probably annoying some of the people using one of the servers.... So all in all it was worthwhile.

              Comment

              • #37
                Originally posted by rdnetto View Post
                Gentoo is brilliant. I'm using a derivative (Sabayon - because I'm too impatient to compile everything from scratch), but I use portage enough to see its influence.
                For anyone who hasn't tried it, it's like using Debian with stable, testing and sid enabled at once, but everything is pinned automatically and you can install any available version of a package, as opposed to one per repository. Also, the package manager is /very/ colourful.
                Oh yeah, and It's been making a ton of progress lately. The no-emul profile is fantastic. Every problem I ever had with running 32bit binaries is gone. That was the last major problem that I had with gentoo. I'm loving it.

                EDIT: And the 4.8 series of GCC is solid as a rock.
                Last edited by duby229; 28 January 2015, 01:27 PM.

                Comment

                • #38
                  Originally posted by JS987 View Post
                  There is no secure operating system which has drivers for modern hardware and can run modern software. Any such system is full of intentional and accidental security bugs like buffer overflows.
                  System would be relatively secure only if it would be non-Windows and non-Unix without any legacy garbage.
                  I meant: Any system which has drivers and can run software isn't safe intentionally or because of incompetence, negligence and outdated design.

                  Comment

                  • #39
                    Originally posted by duby229 View Post
                    Oh yeah, and It's been making a ton of progress lately. The no-emul profile is fantastic. Every problem I ever had with running 32bit binaries is gone. That was the last major problem that I had with gentoo. I'm loving it.

                    EDIT: And the 4.8 series of GCC is solid as a rock.
                    I moved to no-emul one one machine a few weeks ago. One problem worth mentioning is qt-sql. Going no-emul had a side-effect of requiring >=virtual-mysql-5.6, which ended up requiring mariadb-10.0, which I presume was going to hit a bunch of other packages. I ended up unmasking emul-linux-x86-qttlibs-20140508-r1 and have that one piece of emul left.

                    I found that some stuff wouldn't build/upgrade until I got to gcc-4.8.

                    Comment

                    • #40
                      Mint 17 (Which is Ubuntu 14.04 give or take) is using libc-2.19. So 14.04 should be OK.

                      Just look at the lib in /lib/x86_64-linux-gnu. The version is the file name (libc-2.19.so).

                      The good thing, of course, is they announce this stuff on Phoronix, not publish it in the wall street journal, CBS, ABC, etc like windows vulnerabilities.

                      Comment

                      Previous 1 2 3 4 5 template Next
                      Working...
                      X