Date: Wed, 17 Feb 2016 14:50:28 +0100 From: Kurt Jaeger <lists@opsec.eu> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: "O. Hartmann" <ohartman@zedat.fu-berlin.de>, freebsd-current <freebsd-current@freebsd.org> Subject: Re: CVE-2015-7547: critical bug in libc Message-ID: <20160217135028.GR26283@home.opsec.eu> In-Reply-To: <20160217134003.GB57405@mutt-hardenedbsd> References: <20160217142410.18748906@freyja.zeit4.iv.bundesimmobilien.de> <20160217134003.GB57405@mutt-hardenedbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! > The project that's vulnerable is called "glibc", not "libc". The BSDs > don't use glibc, so the phrase "nothing to see here" applies. glibc > isn't even available in FreeBSD's ports tree. > > TL;DR: FreeBSD is not affected by CVE-2015-7547. A short note on the www.freebsd.org website would probably be helpful, as this case will produce a lot of noise. -- pi@opsec.eu +49 171 3101372 4 years to go !
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160217135028.GR26283>