Re: libc (again)

To: debian-devel@Pixar.com
Subject: Re: libc (again)
From: Ian Murdock <imurdock@debian.org>
Date: Tue, 12 Sep 95 11:49 EST
Message-id: <[🔎] m0ssYWS-00016YC@imagine.imaginit.com>
In-reply-to: <[🔎] m0ssYFu-000AaeC@kryten.it.com.au> (andrew@kryten.it.com.au)

   From: andrew@kryten.it.com.au (Andrew Howell)
   Date: Wed, 13 Sep 1995 00:32:18 +0800 (WST)

   > On the one hand, if we release Debian 0.93 with libc 4.6.27, we are
   > releasing a system with an exploitable and (now) well-known security
   > hole.  On the other hand, if we release Debian 0.93 with libc 4.7.4,
   > we are releasing a system with a new and unreleased (!) library that
   > cannot compile Motif programs and that has seen little practical use.
   > 
   > What in the world should we do about this!?!  Any ideas?

   Like it's been suggested before, try and patch 4.6.27 to fix the
   security hole.

I'm afraid I don't have time to do this.  Would anyone be interested
in looking at this possiblity?  I've been told its impossible, but I
don't see why it would be.

   > I do have good news: Richard Stallman told me last week that GNU libc
   > has just been ported to Linux.  I suggest we start using that as soon
   > as we change to ELF.

   >From what I read on linux-gcc it's just been done and not guaranteed
   to be working, certainly I would be worried about using something that
   has just been ported when it's a C library.

Right--we can't use it *now*, anyway, because it doesn't support a.out.

Reply to:

Follow-Ups:
- Re: libc (again)
  - From: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>

References:
- Re: libc (again)
  - From: andrew@kryten.it.com.au (Andrew Howell)

Prev by Date: Re: libc (again)
Next by Date: Re: libc (again)
Previous by thread: Re: libc (again)
Next by thread: Re: libc (again)
Index(es):
- Date
- Thread