Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
From: Renee Landers <rlanders@secureworks.net>
Date: Thu, 15 Aug 2002 12:22:14 -0400
Message-id: <[🔎] 5.0.2.1.0.20020815121249.0329d1d0@atlexchange.secureworks.net>
In-reply-to: <[🔎] 20020814182328.GA25780@cordes.phys.dal.ca>
References: <[🔎] 4F7A23C0-AF14-11D6-B2E0-0003937562B8@where2getit.com> <m17eWw9-000ofpC@finlandia.Infodrom.North.DE> <[🔎] 4F7A23C0-AF14-11D6-B2E0-0003937562B8@where2getit.com>

Note that the postinst script restarts a lot of those services for you, too.

The list is:

            check="nis smail sendmail exim ssh netbase apache proftpd"
            check="$check ssh-nonfree postfix-tls wu-ftpd boa cron postfix"
            check="$check wu-ftpd-academ slapd openldapd logind wwwoffle"
            check="$check lprng lpr autofs snmpd"

Unless you have DEBIAN_FRONTEND="noninteractive" in your environment,
it will prompt you as to whether or not you want it to restart the services.

But I choose to reboot since even init is linked with libc.  Obviously, that's
not always an option in a production environment.

renee

At 03:23 PM 8/14/2002 -0300, Peter Cordes wrote:

On Tue, Aug 13, 2002 at 06:28:01PM -0500, Paul Baker wrote:
>
> On Tuesday, August 13, 2002, at 03:21 AM, Martin Schulze wrote:
> >
> >-
> >--------------------------------------------------------------------------
> >Debian Security Advisory DSA 149-1
> >security@debian.org
> >http://www.debian.org/security/                             Martin
> >Schulze
> >August 13th, 2002
> >-
> >--------------------------------------------------------------------------
> >
> >Package        : glibc
> >Vulnerability  : integer overflow
> >Problem-Type   : remote
> >Debian-specific: no
> >CVE Id         : CAN-2002-0391
> >CERT advisory  : VU#192995
>
> Anyone aware of any particular daemon's that need to be restarted just
> to be safe? I'd rather not have to type in the SSL passphrase for
> apache+mod_ssl if I don't have to.

 The advisory said the overflow was "in the RPC library", so things like NFS
and NIS and stuff with origins at Sun might be using that.  Apache shouldn't
be vulnerable unless there are some modules that use RCP stuff.

--
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BCE


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
  - From: Joey Hess <joey@kitenet.net>

References:
- Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
  - From: Paul Baker <pbaker@where2getit.com>
- Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

Prev by Date: unsubscribe
Next by Date: Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
Previous by thread: Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
Next by thread: Re: [SECURITY] [DSA 149-1] New glibc packages fix security related problems
Index(es):
- Date
- Thread