Yeah, you will need to restart services that are linked to glibc. Other
services (like named) are linked to your system's glibc, they don't include
their own.
The safest thing to do is to reboot the box after you update glibc.
Otherwise, if can't reboot, this should give you a list of every daemon on
your system that is still using the 'old' glibc in memory:
lsof +c0 -d DEL | awk 'NR==1 || /libc-/ {print $2,$1,$4,$NF}' | column -t
Josh
On Thu, Feb 18, 2016 at 9:00 PM, Ken Hohhof <[email protected]> wrote:
> OK, at the risk of exposing my ignorance, is it sufficient to update glibc
> (I see that yum-cron has already done this for me), and perhaps to restart
> some services like named? Or is glibc compiled into packages like BIND and
> those need to be updated?
>
> I'm thinking the glibc libraries are not compiled into the applications
> but are called at run time, but I really don't know.
>
>
>
>
> -----Original Message----- From: Josh Reynolds
> Sent: Thursday, February 18, 2016 4:53 PM
> To: [email protected]
> Subject: Re: [AFMUG] update and patch your linux servers, people!
>
> #oldnews
>
> Another thing you want to do is limit inbound dns responses to 1024
> and less on most platforms, including mikrotik. They may use uClibc
> though, I am not sure.
>
> Most UBNT devices are not vulnerable to this, although EdgeRouter and
> CloudKey were (and probably that old ubnt nvr appliance). Thankfully
> they both receive patches from debian upstream, so it's just an
> apt-get update ; apt-get upgrade -y away.
>
> On Thu, Feb 18, 2016 at 4:48 PM, Eric Kuhnke <[email protected]>
> wrote:
>
>>
>> http://linux.slashdot.org/story/16/02/18/157239/magnitude-of-glibc-vulnerability-coming-to-light
>>
>>
>> http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
>>
>> http://www.kb.cert.org/vuls/id/457759
>>
>>
>> If it has glibc on it and looks up things by DNS, it needs to be patched.
>> That's just about every Linux distro in existence.
>>
>
>
>
