On Thu, 29 Jan 2015 08:52:57 -0800 Grant wrote: > > Does anybody know more about this "security flaw in the open-source Linux > > GNU C Library" > > > > http://www.theglobeandmail.com/technology/linux-makers-release-patch-to-thwart-new-ghost-cyber-threat/article22662060/?cmpid=rss1 > > > I updated a system of mine that was using an old version of glibc and > rebooted. I can't do a full emerge world there or use various other > portage tools due to the peculiarities of my current situation. Could > I still be vulnerable?
Your system may be vulnerable to this issue only if you have packages statically linked with vulnerable glibc libs, so most likely — no. But your system may be affected by a plenty of other issues in various packages. At the very least you should apply all GLSAs to your system: while they don't encompass all vulnerabilities, they should warn you about most common and important ones. Best regards, Andrew Savchenko
pgpMWQmbZaBhp.pgp
Description: PGP signature