From owner-freebsd-security Wed Jun 26 17:57:23 2002 Delivered-To: freebsd-security@freebsd.org Received: from bluenugget.net (bluenugget.net [64.32.175.43]) by hub.freebsd.org (Postfix) with ESMTP id EF49337C33E for ; Wed, 26 Jun 2002 16:42:59 -0700 (PDT) Received: from [192.168.4.154] (sf-gw.epylon.com [63.93.9.98]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by bluenugget.net (Postfix) with ESMTP id 99495136C8; Wed, 26 Jun 2002 16:44:39 -0700 (PDT) Date: Wed, 26 Jun 2002 16:42:51 -0700 From: Jason DiCioccio Reply-To: Jason DiCioccio To: Mark Hartley Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv Message-ID: <2147483647.1025109771@[192.168.4.154]> In-Reply-To: References: X-Mailer: Mulberry/3.0.0a3 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Basically, if you have anything that is statically linked, it was most likely linked against libc :).. If it's a linux binary, you might be safe though for example. Of course that doesn't necessarily mean that it's going to use the functions that are vulnerable. But you can pretty safely assume that any statically linked freebsd binary on your system was linked against libc. Cheers, -JD- --On Wednesday, June 26, 2002 3:13 PM -0700 Mark Hartley wrote: > > Are there other common applications (not rebuilt by the world) that many > of us are likely to be running which are going to need to be rebuilt > (i.e. Apache, pop3 servers, db servers, etc)? > > I'm not really sure how to even know if an application would be statically > linked against libc. Maybe someone with a clue could post some > instructions on how to check out if an app is statically linked against > libc, then we could test our own apps and rebuild as needed. Anyone have > an easy way that we can tell? > > Thanks. > > Mark. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Jason DiCioccio - jd@bluenugget.net - Useless .sig Open Domain Service - geniusj@ods.org - http://www.ods.org/ Ruby - jd@ruby-lang.org - http://www.ruby-lang.org/ PGP Fingerprint - C442 04E2 26B0 3809 8357 96AB D350 9596 0436 7C08 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message