That would depend greatly on whether you dynamically or statically linked
your applications against the libraries. If you did static linking, then
you'd have to recompile them. If they're dynamically linked, then you
only have to update the libraries...the applications should make their
calls to the dynamic links and have no problems.
On Fri, 26 Jan 2001, Curt Seeliger wrote:
> Folks,
>
> If a security patch is required for the C library, this seems to imply
> that all applications compiled against the library require
> recompilation. Am I mistaken, or do I have a whole lotta work ahead of
> me?
>
> Second, since I'm running 6.2, I'm looking for the appropriate patches
> (I've only seen them for 7.0). Is there some reason why 6.2 would be
> unpatched -- is it, as far as the vulnerabilities fixed by these
> pathces go, more secure than 7.0?
>
> Thanks for your feedback,
>
> cur
>
> ----------
>
>
> Red Hat: 'glibc' vulnerability - 1/11/2001
>
> A couple of bugs in GNU C library 2.2 allow unpriviledged user to read restricted
>files and preload libraries in /lib and /usr/lib
> directories into SUID programs even if those libraries have not been marked as such
>by system administrator.
>
> ftp://updates.redhat.com/7.0/i386/glibc-2.2-12.i386.rpm
>91b935bfb0d5fb43394d8557fe754bb4
>
> ftp://updates.redhat.com/7.0/i386/glibc-common-2.2-12.i386.rpm
>b1218c0c2b6f5bd1e161c3158d0418a5
>
> ftp://updates.redhat.com/7.0/i386/glibc-devel-2.2-12.i386.rpm
>0d0bc7d1cd31c548e474146a7cdfea51
>
> ftp://updates.redhat.com/7.0/i386/glibc-profile-2.2-12.i386.rpm
>9891a9d1967be619ca74a1de5d0b1f63
>
> ftp://updates.redhat.com/7.0/i386/nscd-2.2-12.i386.rpm
>d56ba6b8f82c92b9a872e7ee94c706a9
>
> Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-1045.html
>
>
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
