Glibc: Mega bug may hit thousands of devices

Glibc: Mega bug may hit thousands of devices - Printable Version

+- Linux Lite Forums (https://www.freecinema2022.gq/forums)
+-- Forum: General (https://www.freecinema2022.gq/forums/forumdisplay.php?fid=4)
+--- Forum: Security & Bug Fixes (https://www.freecinema2022.gq/forums/forumdisplay.php?fid=16)
+--- Thread: Glibc: Mega bug may hit thousands of devices (/showthread.php?tid=2692)

Glibc: Mega bug may hit thousands of devices - newtusmaximus - 02-17-2016

http://www.bbc.co.uk/news/technology-35592916

Significance for LL users??

Re: Glibc: Mega bug may hit thousands of devices - shaggytwodope - 02-17-2016

(02-17-2016, 11:45 AM)newtusmaximus link Wrote:http://www.bbc.co.uk/news/technology-35592916

Significance for LL users??

While its generally just fine to pay attention to news in this field, it's rarely going to explain things in much detail. And be aware of scare tactics to get more clicks/views.

But in this case, you'll want to check out https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-February/003305.html And here for far more details on the extact issue reported in that article https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html

If security updates and warnings are of interest to you, I suggest checking out the related mailing lists. And never be afraid to ask or point out a new security issue of this scope. (Your favorite image viewer may not be the end of the world.)

Re: Glibc: Mega bug may hit thousands of devices - avj - 02-17-2016

I recommend that everyone run install updates to get the fixed package shown on the link provided by shaggytwodope.

I have, and can confirm that the package

Code:
libc6                           2.19-0ubuntu6.7

was updated.

According to the link you need to restart your system for it to complete the process.

Code:
It was discovered that the GNU C Library incorrectly handled receiving

responses while performing DNS resolution. A remote attacker could use this

issue to cause the GNU C Library to crash, resulting in a denial of

service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following

package versions:

Ubuntu 15.10:

  libc6                           2.21-0ubuntu4.1

Ubuntu 14.04 LTS:

  libc6                           2.19-0ubuntu6.7

Ubuntu 12.04 LTS:

  libc6                           2.15-0ubuntu10.13

After a standard system update you need to reboot your computer to make

all the necessary changes.

Re: Glibc: Mega bug may hit thousands of devices - TMG1961 - 02-17-2016

Here also updated to latest version