[Python-buildbots] [Python-Dev] Buffer overflow bug in GNU C's getaddrinfo()
Chris Angelico
rosuav at gmail.com
Wed Feb 17 17:38:24 EST 2016
On Thu, Feb 18, 2016 at 8:46 AM, Gregory P. Smith <greg at krypto.org> wrote:
> On Wed, Feb 17, 2016 at 12:12 PM Andrew Barnert via Python-Dev
> <python-dev at python.org> wrote:
>>
>> On Feb 17, 2016, at 10:44, MRAB <python at mrabarnett.plus.com> wrote:
>> >
>> > Is this something that we need to worry about?
>> >
>> > Extremely severe bug leaves dizzying number of software and devices
>> > vulnerable
>> >
>> > http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-devices-vulnerable/
>>
>> Is there a workaround that Python and/or Python apps should be doing, or
>> is this just a matter of everyone on glibc 2.9+ needs to update their glibc?
>
>
> There are no workarounds that we could put within Python. People need to
> update their glibc and reboot. All useful(*) Linux distros have already
> released update packages.
>
> All of the infrastructure running Linux needs the update applied and a
> reboot (I'm guessing our infrastructure peeps have already done that). But
> this also includes Linux buildbots run by our random set of buildbot donors.
Passing this along to the buildbots list. Everyone running Linux
buildbots should run updates; I don't know about other Unix-like OSes
and whether they use glibc (does anyone have a Hurd system?), but it
can't hurt to check for package manager updates anyway.
ChrisA
More information about the Python-Buildbots
mailing list