2 Issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I tried to sign-up for a Bugzilla account, but never got the
confirmation e-mail, so I'm posting here in hopes that someone else will
enter them.

1/ The recently released libxml2-python 2.4.19-5.legacy is missing the
Python 2.2 modules:

/usr/lib/python2.2/site-packages/libxml2.py
/usr/lib/python2.2/site-packages/libxml2mod.so

2/ nscd from glibc-2.2.5-44 is vulnerable to DNS cache poisoning.  I
don't know how it is when BIND doesn't seem to be affected, but several
times now I've found 'localhost' mapping to an address block assigned to
APNIC.  I did a search and a few other people have seen this too. 
(There was no specific break-in because my firewall kept things sane.)
You can use 'getent' to check ('host' only does DNS; 'getent' does
NSS-lookups): 'getent hosts localhost'.  Workaround: Disable cache for
hosts in /etc/nscd.conf or disable nscd (not a good solution if you're
using NIS/LDAP/SQL/etc).

Wil
-- 
Wil Cooley                                 wcooley@xxxxxxxxxxx
Naked Ape Consulting                        http://nakedape.cc

Attachment: signature.asc
Description: This is a digitally signed message part

--

fedora-legacy-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux