Re: A working glibc LANGUAGE xploit

[Ben Collins <bcollins () DEBIAN ORG>]

On Thu, Nov 30, 2000 at 07:51:38PM -0000, William Cordis wrote:
> > Tested on:       Red Hat 6.2, 6.1
> >                 SuSE 6.2
>
> Failed to work on Debian Gnu/Linux Potato (2.2r1).
> The Stock version of Potato (2.2) should be
> vulnerable but I don't have a box running that
> version to test since all the ones I'm using are
> kept up to date with the latest security patches.
> The bug was reported to be fixed with
> glibc-2.1.3-12 (August 31) which is a security
> update and incorporated into 2.2r1.

2.2 was vulnerable, but obviously we fixed it, and announced that fix, and
it was incorporated in 2.2r1.

--
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins () debian org  --  bcollins () openldap org  --  bcollins () linux com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'