[EMAIL PROTECTED] writes: > I see a claim that glibc isn't vulnerable at: > > http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2 > > Any comments?
GNU libc in its current version does contain incorrect code from BIND 4.9. It is vulnerable, though not in the way initially described by PINE-CERT. However, most vendors (including, for example, OpenBSD) have fixed the same vulnerability while adressing the main issues raised by PINE-CERT. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]