What is Ghost i.e security hole in the Linux?
Patrick O'Callaghan
pocallaghan at gmail.com
Wed Jan 28 20:29:40 UTC 2015
On Wed, 2015-01-28 at 13:24 -0500, Kevin Cummings wrote:
> On 01/28/2015 01:19 PM, Matthew Miller wrote:
> > On Wed, Jan 28, 2015 at 02:21:41PM +0000, Norah Jones wrote:
> >> Can someone describe in detail about the Ghost security hole. And is
> >> there any patch or a solution to fix it?
> >
> > This was a problem fixed in glibc 2.18, so that version, as shipped in
> > F20, and 2.20, as we have in F21, are not vulnerable. If you are
> > running F19 or earlier, you should update.
>
> I installed the F20 glibc on my F19 system. The ghosttest.c test
> program now shows my F19 as no longer vulnerable.
>
> # yum --releasever=20 update glibc
>
> YMMV
>
> > If you're running (a supported version of) a different Linux
> > distribution with an old version, patches are likely available.
Even though you fixed this yourself, F19 has already been EOLed and will
therefore not receive even critical security updates such as this one.
That's why it's important for people to stay current with the supported
versions, or switch to a distro with long-term support.
poc
More information about the users
mailing list