Re: LibC openBSD affected ?

| I feel so much safer. CERT is still performing a role they don't understand. Could you detail, please? It's too short to get it as a joke or as a serious thing.

Re: LibC openBSD affected ?

> On Wed, 07 Dec 2016 13:25:48 +0100, "Peter N. M. Hansteen" wrote: > > > Yes. See http://www.tedunangst.com/flak/post/who-even-calls-link-ntoa > > Right, link_ntoa(3) is not called with untrusted input so this is > a very minor issue. Also, route and netstat are not setuid or > setgid on

Re: LibC openBSD affected ?

On Wed, 07 Dec 2016 13:25:48 +0100, "Peter N. M. Hansteen" wrote: > Yes. See http://www.tedunangst.com/flak/post/who-even-calls-link-ntoa Right, link_ntoa(3) is not called with untrusted input so this is a very minor issue. Also, route and netstat are not setuid or setgid on OpenBSD. - todd

Re: LibC openBSD affected ?

On 12/06/16 21:40, carlos albino garcia grijalba wrote: > its openbsd affected by http://tinyurl.com/js2vd28 ? > > Vulnerability Note VU#548487 - BSD libc contains a buffer overflow > vulnerability > tinyurl.com > The BSD libc library is vulnerable to a classic buffer

Re: LibC openBSD affected ?

On Tue, 06 Dec 2016 20:40:47 +, carlos albino garcia grijalba wrote: > its openbsd affected by http://tinyurl.com/js2vd28 ? Yes, the same code is present in OpenBSD. - todd

LibC openBSD affected ?

its openbsd affected by http://tinyurl.com/js2vd28 ? Vulnerability Note VU#548487 - BSD libc contains a buffer overflow vulnerability tinyurl.com The BSD libc library is vulnerable to a classic buffer overflow.