[Python-Dev] Buffer overflow bug in GNU C's getaddrinfo()
Gregory P. Smith
greg at krypto.org
Wed Feb 17 16:46:40 EST 2016
On Wed, Feb 17, 2016 at 12:12 PM Andrew Barnert via Python-Dev <
python-dev at python.org> wrote:
> On Feb 17, 2016, at 10:44, MRAB <python at mrabarnett.plus.com> wrote:
> >
> > Is this something that we need to worry about?
> >
> > Extremely severe bug leaves dizzying number of software and devices
> vulnerable
> >
> http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
>
> Is there a workaround that Python and/or Python apps should be doing, or
> is this just a matter of everyone on glibc 2.9+ needs to update their glibc?
>
There are no workarounds that we could put within Python. People need to
update their glibc and reboot. All *useful(*)* Linux distros have already
released update packages.
All of the infrastructure running Linux needs the update applied and a
reboot (I'm guessing our infrastructure peeps have already done that). But
this also includes Linux buildbots run by our random set of buildbot donors.
-gps
(*) off topic: Raspbian Wheezy is apparently not on the useful list.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20160217/1ac0fe18/attachment.html>
More information about the Python-Dev
mailing list