[EMAIL PROTECTED] writes:

> I see a claim that glibc isn't vulnerable at:
>
>   http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2
>
> Any comments?

GNU libc in its current version does contain incorrect code from BIND
4.9.  It is vulnerable, though not in the way initially described by
PINE-CERT.  However, most vendors (including, for example, OpenBSD)
have fixed the same vulnerability while adressing the main issues
raised by PINE-CERT.

-- 
Florian Weimer                    [EMAIL PROTECTED]
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to