From owner-freebsd-security Thu Jun 27 0:18:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by hub.freebsd.org (Postfix) with ESMTP id 3249F37B405 for ; Thu, 27 Jun 2002 00:18:49 -0700 (PDT) Received: by elvis.mu.org (Postfix, from userid 1192) id 1D199AE160; Thu, 27 Jun 2002 00:18:49 -0700 (PDT) Date: Thu, 27 Jun 2002 00:18:49 -0700 From: Alfred Perlstein To: Lachlan O'Dea Cc: freebsd-security@freebsd.org Subject: Re: resolv and dynamic linking to compat libc Message-ID: <20020627071849.GG18877@elvis.mu.org> References: <3D1AA5F2.9020305@ca.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3D1AA5F2.9020305@ca.com> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Lachlan O'Dea [020626 22:43] wrote: > Hi, > > With regard the resolv vulnerability, is there any issue with older > binaries that are linking against an older libc.so? For example, on my > box I have a /usr/lib/compat/libc.so.3. Will a make world fix this > library as well? Yes, that's a problem, you need to either recompile your binary or create a patched version of libc.so.3 if it is indeed vulnerable. -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message