[Novalug] "GHOST" *nix vulnerability

Ed James edward.james@gmail.com
Wed Jan 28 14:32:08 EST 2015


"yum update glibc" didn't fix the issue on my FC6 system, which I'm sure is
no surprise to anyone (including me).  It returned "No Packages marked for
Update/Obsoletion".

*HYPOTHETICALLY* - If I really needed to update glibc, would it just be a
matter of telling yum which repository to use?  Or would there be "cascade"
issues meaning a bazillion other things would need to be upgraded, and
would that be a risky move for such an old system?

NOTE - with apt-get, I've added repositories to some listing or the other
for installs (details buried in notes somewhere).  I sorta assume the same
process holds for yum?
But I don't assume that it's always a safe thing to do for an *old* but
working-well system.

Ed James


On Wed, Jan 28, 2015 at 1:47 PM, Richard Rognlie via Novalug <
novalug@firemountain.net> wrote:

> Not half an hour ago, I was able to perform a
>
>         yum update glibc
>
> on my CentOS 6.5 system.   Yesterday, it was still vulnerable.  Now, it is
> not.
> ​...​
>
> <http://www.gamerz.net/~rrognlie>
>
>



More information about the Novalug mailing list