[Python-Dev] Buffer overflow bug in GNU C's getaddrinfo() (original) (raw)
Gregory P. Smith greg at krypto.org
Wed Feb 17 16:46:40 EST 2016
- Previous message (by thread): [Python-Dev] Buffer overflow bug in GNU C's getaddrinfo()
- Next message (by thread): [Python-Dev] RE 25939 - _ssl.enum_certificates broken on Windows
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Feb 17, 2016 at 12:12 PM Andrew Barnert via Python-Dev < python-dev at python.org> wrote:
On Feb 17, 2016, at 10:44, MRAB <python at mrabarnett.plus.com> wrote: > > Is this something that we need to worry about? > > Extremely severe bug leaves dizzying number of software and devices vulnerable > http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
Is there a workaround that Python and/or Python apps should be doing, or is this just a matter of everyone on glibc 2.9+ needs to update their glibc?
There are no workarounds that we could put within Python. People need to update their glibc and reboot. All useful()* Linux distros have already released update packages.
All of the infrastructure running Linux needs the update applied and a reboot (I'm guessing our infrastructure peeps have already done that). But this also includes Linux buildbots run by our random set of buildbot donors.
-gps
(*) off topic: Raspbian Wheezy is apparently not on the useful list. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20160217/1ac0fe18/attachment.html>
- Previous message (by thread): [Python-Dev] Buffer overflow bug in GNU C's getaddrinfo()
- Next message (by thread): [Python-Dev] RE 25939 - _ssl.enum_certificates broken on Windows
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]