CVE-2015-7547: getaddrinfo() stack-based buffer overflow
Dominique Jullier
doj at open.ch
Wed Feb 17 16:22:00 UTC 2016
Hello all,
Are they any thoughts around, how to handle yesterday's glibc
vulnerability[1][2] from the side bind?
Since it is a rather painful task in order to update all hosts to a new
version of glibc, we were thinking about other possible workarounds.
Any ideas how to drop non-compliant responses in bind? I.e. with an
extension/adaptation of bind?
[1]https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
[2]
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3905 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160217/8369bd41/attachment.bin>
More information about the bind-users
mailing list