-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 23.02.2016 22:12, Tom van der Woerdt wrote:
> Op 23/02/16 om 22:10 schreef Toralf Förster:
>> Louie Cardone-Noott:
>>> Those like me running debian and putting off doing a reboot
>>> might find needrestart (package of same name) and checkrestart
>>>
Op 23/02/16 om 22:10 schreef Toralf Förster:
> Louie Cardone-Noott:
>> Those like me running debian and putting off doing a reboot might find
>> needrestart (package of same name) and checkrestart (package
>> debian-goodies) useful.
>
> Under Gentoo "lib_users -s" is a useful command IMO to see if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Louie Cardone-Noott:
> Those like me running debian and putting off doing a reboot might find
> needrestart (package of same name) and checkrestart (package
> debian-goodies) useful.
Under Gentoo "lib_users -s" is a useful command IMO to see if a in
Louie Cardone-Noott:
> Based on the exploit, aren't, at most, only the exits vulnerable? I
> didn't think middles would do any DNS resolving.
I didn't mean to imply that tor does the relevant DNS lookup but most
servers will do DNS lookups at some point (even if not caused by tor).
signature.as
> you say that 64% of the guard relays and 51% of the exit relaysare are
> unpatched ?
These numbers are not based on relaycount but on guard/exit probability
(so it takes a relay's contributed bandwidth/consensus weight into account).
If you are more interested in relay counts: 3754 out of 7268
Based on the exploit, aren't, at most, only the exits vulnerable? I
didn't think middles would do any DNS resolving.
Those like me running debian and putting off doing a reboot might find
needrestart (package of same name) and checkrestart (package
debian-goodies) useful.
On Tue, 23 Feb 2016, at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Mon, 22 Feb 2016 21:16:42 -0800
Saint Aardvark the Carpeted
wrote:
> Most libraries aren't so central to everything that runs in Linux, and
> restarting the programs that use the library in question is a
> perfectly fine way to ensure you get the
Hi,
you say that 64% of the guard relays and 51% of the exit relaysare are
unpatched ? That's horrible!
~Josef
Am 22.02.2016 um 23:44 schrieb nusenu:
> Hi,
>
> if we assume for simplicity that every relay running Linux that has not
> rebooted since 2016-02-16 is vulnerable to CVE-2015-7547, than
SuperSluether disturbed my sleep to write:
> Hi,
>
> My Raspberry Pi and Ubuntu Server already have the updated version of libc6.
> Is a reboot still required? I thought only kernel updates required a reboot.
When you update a shared library, any running program that uses that
library still has th
Hi,
My Raspberry Pi and Ubuntu Server already have the updated version of
libc6. Is a reboot still required? I thought only kernel updates
required a reboot.
On 02/22/2016 04:44 PM, nusenu wrote:
Hi,
if we assume for simplicity that every relay running Linux that has not
rebooted since 2016
Hi,
if we assume for simplicity that every relay running Linux that has not
rebooted since 2016-02-16 is vulnerable to CVE-2015-7547, than these are
the current stats (optimistic, because we assume that everyone that
rebooted did also update).
Vulnerable relays:
++--+
nick's statement on CVE-2015-7547:
https://lists.torproject.org/pipermail/tor-talk/2016-February/040280.html
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/
As far as i know anything using glibc is affected, it says on the blog
ssh,curl,sudo for examples.
On February 17, 2016 6:06:50 PM GMT+01:00, starlight.201...@binnacle.cx wrote:
>Could someone with a solid understanding of how the Tor daemon
>interacts with DNS comment on whether and how CVE-2015
Could someone with a solid understanding of how the Tor daemon interacts with
DNS comment on whether and how CVE-2015-7547 (glibc DNS response buffer
overflow, remotely exploitable) the bug impacts relay running under Linux?
___
tor-relays mailing list
14 matches
Mail list logo
