Re: [exim] CVE-2015-0235 - glibc gethostbyname remotelyexplo…

Página superior
Este mensaje es parte del siguiente hilo:
M\El árbol completo de hilos, ordenados por fecha
MMAlways Learning, mensaje del <-
MMartin Nicholas, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Roman Rybalko
Fecha:  
A: exim-users
Asunto: Re: [exim] CVE-2015-0235 - glibc gethostbyname remotelyexploitable via exim

>> Jumping ship would be doing something for the sake of doing something,
>> addressing only whichever API most recently happened to have a
>> vulnerability; it does not address any systemic issues and there's
>> no guarantee that it would actually help.
> It is in PHP too. Have, temporarily, disabled verify = helo and the PHP
> instances.
Note that vulnerable are only Server/Desktop Linux systems, i.e. that
use GNU libc library.
FreeBSD/Solaris/MacOS/etc., also embedded Linuxes with uClibc or custom
libc - all are OK.

Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-[exim] Rate Limit in Exim 4.8Re: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable via exim->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)