Re: [SECURITY] [DSA 3481-1] glibc security update
On Wednesday, 2016-02-17 at 10:58:01 +0100, Jan Lühr wrote:
> Am 02/16/2016 um 03:18 PM schrieb Salvatore Bonaccorso:
> > CVE-2015-7547
> > The Google Security Team and Red Hat discovered that the glibc
> Comparing the age (2015-07) and the severity: Can you give some details
> on the situation? Why was the bug fixed so late?
Read this:
https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
and this:
https://sourceware.org/bugzilla/show_bug.cgi?id=18665
> Which parties influenced the release date?
The submitter of the Bugzilla ticket who did not provide example code.
Gap between 2015-08-22 14:59:40 UTC and 2016-02-16 14:11:42 UTC.
HTH,
Lupe Christoph
--
| As everyone knows, it was predicted that the world would end last |
| Wednesday at 10:00 PST. Since there appears to be a world in existence |
| now, the entire universe must therefore have been recreated, complete |
| with an apparent "history", last *Thursday*. QED. |
| Seanna Watson, <1992Nov2.165142.11847@bcrka451.bnr.ca> |
Reply to: