reopen 185508 thanks I can't see another open bug that covers this, so this should stay open until a fixed "stable" version is released, shouldn't it?
GOTO Masanori's "glibc23-cert-rpcxdr.dpatch" should apply with only a bit of fuzz. The only problem I encountered when rebuilding a patched 2.2.5-11.2 myself was a crashing test program documented in bug 173486, and I've submitted a patch under that bug report. Is there some reason Debian is observing total radio silence on this bug? The CERT advisory came out Tuesday, and RedHat had their fix out on Wednesday. There's no obvious difficulty applying the patches given by the CERT advisory. What's up? I don't believe there's a proven remote root exploit, but sheesh, isn't it likely there's at least a DOS attack against any Debian machine running the "portmap" daemon (i.e., most Debian installations)? Our response so far has been to upload a fix for the *unstable* version and close the bug! (No offence intended to Masanori.) -- Kevin Buhr <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
