On Wed, Feb 17, 2016 at 02:24:10PM +0100, O. Hartmann wrote: > It is around now in the media also for non-OS developers: CVE-2015-7547 > describes a bug in libc which is supposed to affects all Linux versions. > > big price question: is FreeBSD > 9.3 also affected? > > Some reporters tell us that Linux/UNIX is affected, so sometimes this terminus > is used to prevent the "Linux-nailed" view, but sometimes it also referes to > everything else those people can not imagine but consider them Linux-like. So > I'm a bit puzzled, since there is no report about *BSD is affected, too. > > Thanks in advance for shedding light onto CVE-2015-7547. The project that's vulnerable is called "glibc", not "libc". The BSDs don't use glibc, so the phrase "nothing to see here" applies. glibc isn't even available in FreeBSD's ports tree. TL;DR: FreeBSD is not affected by CVE-2015-7547. Thanks, -- Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:02 UTC