[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


Well, it appears there is a serious problem with libc 4.6.27 and
earlier.  Should we upgrade to libc 4.7.4 at this late date?  Has
anyone used this version?  If so, what have been your experiences?

------- Start of forwarded message -------
Date: Wed, 30 Aug 1995 13:34:54 -0400
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: anarchy@thunder.swansea.linux.org.uk (A.Cox)
Cc: big-linux@netspace.org, bugtraq@crimelab.com, cert@cert.org,
        hjl@nynexst.com, torvalds@cs.helsinki.fi,
        linux-announce@vger.rutgers.edu, linux-security@tarsier.cv.nrao.edu
Subject: Re: Final analysis of syslog threat under Linux

"AC" == A Cox <anarchy@thunder.swansea.linux.org.uk> writes:

AC> 	This problem affects most Linux (and probably most unix systems)
AC> and should be acted on immediately. Simply switching to libc4.7.2
AC> will adequately protect almost all users. Note that libc4.7.2 has
AC> some bugs but libc4.7.4 appears more correct. Even though the built
AC> libc4.7.4 is in hjl's private area it should be made available by
AC> all ftp sites ASAP.

I have made a copy of libc-4.7.4 publicly available, for now, in:

This version is, as Alan states, not currently a public release; it's
only available in H.J. Lu's "hidden" GCC development area on
tsx-11.mit.edu (and its mirrors, of which linux.nrao.edu is one).
H.J. has given his OK for this "pseudo-release."


Jeff Uphoff - systems/network admin.  |  juphoff@nrao.edu
National Radio Astronomy Observatory  |  jeff.uphoff@linux.org
Charlottesville, VA, USA              |  http://linux.nrao.edu/~juphoff/

------- End of forwarded message -------

Reply to: