Re: [Python-buildbots] [Python-Dev] Buffer overflow bug in GNU C's getaddrinfo()
On Thu, Feb 18, 2016 at 8:46 AM, Gregory P. Smith <greg@krypto.org> wrote:
On Wed, Feb 17, 2016 at 12:12 PM Andrew Barnert via Python-Dev <python-dev@python.org> wrote:
On Feb 17, 2016, at 10:44, MRAB <python@mrabarnett.plus.com> wrote:
Is this something that we need to worry about?
Extremely severe bug leaves dizzying number of software and devices vulnerable
http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying...
Is there a workaround that Python and/or Python apps should be doing, or is this just a matter of everyone on glibc 2.9+ needs to update their glibc?
There are no workarounds that we could put within Python. People need to update their glibc and reboot. All useful(*) Linux distros have already released update packages.
All of the infrastructure running Linux needs the update applied and a reboot (I'm guessing our infrastructure peeps have already done that). But this also includes Linux buildbots run by our random set of buildbot donors.
Passing this along to the buildbots list. Everyone running Linux buildbots should run updates; I don't know about other Unix-like OSes and whether they use glibc (does anyone have a Hurd system?), but it can't hurt to check for package manager updates anyway.
ChrisA
participants (1)
-
Chris Angelico