Bugtraq mailing list archives
Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext
From: Roman Drahtmueller <draht () SUSE DE>
Date: Sat, 9 Sep 2000 02:48:11 +0200
What about the compatibility glibc libraries under Red Hat Linux 6.x: $ cat /etc/redhat-release Red Hat Linux release 6.2 (Zoot) $ rpm -qa |fgrep compat |fgrep libc compat-glibc-5.2-2.0.7.2 $ Are they vulnerable? Will a fix be released? Do any other distributions have such compatibility libraries?
SuSE distributions after (including) Version 6.0 came with libc-5.4.4? for optional backward compatibility if binaries from older Linux distributions need the good old libc5. As of today, libc5 is not known to be affected by the recently discovered locale-related bugs. SuSE distributions come with binaries linked only against _one_ single libc/glibc version. (.1.) *** Compatibility libraries between glibc-2.0 and glibc-2.1 based versions of SuSE are not provided for stability reasons. *** SuSE-5.3 came with a package named `shlibs6' (in series a1) to enable the execution of glibc-2.0-linked programs. This library may be affected by the recently discovered errors, whereas SuSE-5.3 packages do not depend on this library, though, as stated in (.1.). Please remove the package using the command 'rpm -e shlibs6' if you do not need it. There is no update package for shlibs6 in SuSE-5.3, support for shlibs6/SuSE-5.3 has been discontinued for stability reasons. brief overview: SuSE Kernel libc optional (not version version version required) libraries --------------------------------------------------------------------- 5.3 2.0 libc-5.4 (glibc-1) libc-6.0 (glibc-2.0) 6.0 2.0 libc-6.0 (glibc-2.0) libc-5.4 (glibc-1) 6.1 2.2 libc-6.0 (glibc-2.0) libc-5.4 (glibc-1) 6.2 2.2 libc-6.1 (glibc-2.1) libc-5.4 (glibc-1) 6.3 % % % 6.4 % % % 7.0 % % % Thanks, Roman. -- - - | Roman Drahtmüller <draht () suse de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
Current thread:
- [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext bugzilla (Sep 07)
- Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext Jim Knoble (Sep 08)
- Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext Roman Drahtmueller (Sep 12)
- Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext Pavel Kankovsky (Sep 12)
- Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext Roman Drahtmueller (Sep 12)
- Re: [RHSA-2000:057-04] glibc vulnerabilities in ld.so, locale and gettext Jim Knoble (Sep 08)