You are Here:
Linux Lite 4.4 Final has been released. See the Release Announcements section for more information.



[ SECURITY ] Glibc: Mega bug may hit thousands of devices

Author (Read 1518 times)

0 Members and 1 Guest are viewing this topic.

Glibc: Mega bug may hit thousands of devices
« on: February 17, 2016, 06:45:53 AM »
 

newtusmaximus

  • Gold Level Poster
  • *******
  • 637
    Posts
  • Country: gb
  • Reputation: 65
  • Paypal Supporter.

  • Linux Lite: 3.6 64bit

  • CPU: Intel Core duo 6300 1.86GHz

  • MEMORY: 4Gb

  • VIDEO CARD: Intel 82Q963/Q965
2006 - HP DC7700p ultraslim Desktop Intel 6300 cpu  4GB Ram LL3.6 64bit.
2007 - Fujitsu Siemens V3405 Laptop  2 GB Ram LL3.6 32bit. Now 32bit Debian 9 + nonfree.
2006 - Fujitsu Siemens Si1520 Laptop Intel T720 cpu 3GB Ram LL4.4 64bit
2003 - RETIRED Toshiba Satellite Pro A10 1 GB RAM LL2.8 32bit
 


Re: Glibc: Mega bug may hit thousands of devices
« Reply #1 on: February 17, 2016, 07:30:01 AM »
 

shaggytwodope

  • Forum Regular
  • ***
  • 222
    Posts
  • Reputation: 44
  • Linux Lite Member
    • Shaggy's Blog

  • CPU: Intel i5 4440

  • MEMORY: 8Gb

  • VIDEO CARD: Intel HD Graphics 4600
http://www.bbc.co.uk/news/technology-35592916

Significance for LL users??
While its generally just fine to pay attention to news in this field, it's rarely going to explain things in much detail. And be aware of  scare tactics to get more clicks/views.

But in this case, you'll want to check out https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-February/003305.html And here for far more details on the extact issue reported in that article https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html


If security updates and warnings are of interest to you, I suggest checking out the related mailing lists. And never be afraid to ask or point out a new security issue of this scope. (Your favorite image viewer may not be the end of the world.)
The Truth is out there.
Be sure to check the Manual out and always report Bugs or feature requests.
 

Re: Glibc: Mega bug may hit thousands of devices
« Reply #2 on: February 17, 2016, 10:11:35 AM »
 

avj

  • Gold Level Poster
  • *******
  • 530
    Posts
  • Country: us
  • Reputation: 110
  • Linux Lite Member

  • Linux Lite: 2.8 64bit

  • CPU: Dual core Intel Pentium D 2.80GHz

  • MEMORY: 2Gb

  • VIDEO CARD: AMD/ATI RC410 Radeon Xpress 200/1100
I recommend that everyone run install updates to get the fixed package shown on the link provided by  shaggytwodope.

I have, and can confirm that the package
Code: [Select]
libc6                           2.19-0ubuntu6.7 was updated.

According to the link you need to restart your system for it to complete the process.

Code: [Select]
It was discovered that the GNU C Library incorrectly handled receiving
responses while performing DNS resolution. A remote attacker could use this
issue to cause the GNU C Library to crash, resulting in a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
  libc6                           2.21-0ubuntu4.1

Ubuntu 14.04 LTS:
  libc6                           2.19-0ubuntu6.7

Ubuntu 12.04 LTS:
  libc6                           2.15-0ubuntu10.13

After a standard system update you need to reboot your computer to make
all the necessary changes.
Last Edit: February 17, 2016, 10:30:36 AM by avj
I have not failed. Ive just found 10,000 ways that wont work. - Thomas Edison
 

Re: Glibc: Mega bug may hit thousands of devices
« Reply #3 on: February 17, 2016, 11:53:40 AM »
 

TMG1961

  • PayPal Supporter
  • Gold Level Poster
  • *****
  • 556
    Posts
  • Country: nl
  • Reputation: 88
  • Linux Lite Member

  • Linux Lite: 4.4 64bit

  • CPU: Intel(R) Core(TM) i3-7020U

  • MEMORY: 8Gb

  • VIDEO CARD: Intel(R) HD Graphics 620
Here also updated to latest version
Life on earth is expensive but it does include a free trip around the sun.
 


Tags:
 


Linux Lite 4.4 Final has been released. See the Release Announcements section for more information.