Re: libc (again)
Ian Murdock writes:
>On the one hand, if we release Debian 0.93 with libc 4.6.27, we are
>releasing a system with an exploitable and (now) well-known security
>hole. On the other hand, if we release Debian 0.93 with libc 4.7.4,
>we are releasing a system with a new and unreleased (!) library that
>cannot compile Motif programs and that has seen little practical use.
>What in the world should we do about this!?! Any ideas?
How much effort would it be to patch libc 4.6.27? I assume from the
fact that you haven't just done it that it isn't trivial. Is a patch
available anywhere or is everybody supposed to live on the bleeding
edge of 4.7.4 these days?
I'm downloading the Debianised source for 4.6.27-5 now, but I've not
even looked at the libc source before so don't expect too much from
>I do have good news: Richard Stallman told me last week that GNU libc
>has just been ported to Linux. I suggest we start using that as soon
>as we change to ELF.
If it's `just' been ported is it any more stable than 4.7.4? (I
have never used 4.7.4, I have only hearsay to go on.)
Richard Kettlewell <URL:http://www.elmail.co.uk/staff/richard/>
Home only: <email@example.com>