Re: CVE-2015-0235 - glibc gethostbyname

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




----- Original Message -----
> From: "Simon Banton" <centos@xxxxxxxxxx>
> To: "CentOS mailing list" <centos@xxxxxxxxxx>
> Sent: Wednesday, January 28, 2015 6:10:34 AM
> Subject: Re:  CVE-2015-0235 - glibc gethostbyname
> 
> Hi,
> 
> For reasons which are too tiresome to bore you all with, I have an
> obligation to look after a suite of legacy CentOS 4.x systems which
> cannot be migrated upwards.
> 
> I note on https://access.redhat.com/articles/1332213 the following
> comment from a RHN person:
> 
> >We are currently working on and testing errata for RHEL 4, we will
> >post an update for it as soon as it's ready. Thank you for your
> >patience!
> 
> Is there *any* prospect of updated glibc packages for CentOS 4.x
> being made available?
> 
> Cheers
> S.

Although I hate Oracle with a fury, one good thing is that they put all the updates they rebuild for their RHEL clone in a publicly viewable site. I'm guessing they pay Redhat for extended support on end of life RHEL4 to get access to the source rpms. I learned about this from another list member back when the bash shell shock exploit hit. 

http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/

David Miller.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux