[Bug 2058] RPC library audit required
bugzilla-daemon at rtems.org
bugzilla-daemon at rtems.org
Thu Apr 26 14:37:54 UTC 2012
https://www.rtems.org/bugzilla/show_bug.cgi?id=2058
Ralf Corsepius <ralf.corsepius at rtems.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ralf.corsepius at rtems.org
--- Comment #1 from Ralf Corsepius <ralf.corsepius at rtems.org> 2012-04-26 09:37:54 CDT ---
(In reply to comment #0)
> The RPC library needs an audit to verify that it is up to data. Some security
> problems existed in the SUN implementation, e.g
>
> http://www.cert.org/advisories/CA-2003-10.html
>
> Maybe it makes sense to use the recent FreeBSD or OpenBSD version.
You are going too far - IMO, this conclusion is invalid and short-sighted,
because we have other fixes applied FreeBSD is unlikely to have (Remember, a
lot of FreeBSD is not 16 bit clean.)
Better would be, to check if the RTEMS fork of librpc is vulnerable to this
CVE.
--
Configure bugmail: https://www.rtems.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the bugs
mailing list