disaster! glibc, gcc4, FORTIFY_SOURCE

Arjan van de Ven arjanv at redhat.com
Thu Apr 14 07:27:47 UTC 2005


On Thu, 2005-04-14 at 16:25 +1000, Cameron Simpson wrote:
> At the risk of looking like a complete idiot, I'd like to report an
> apparently serious problem with the recent glibc etc stuff in (I think)
> Fedora-Development.
> 
> In an excess of zeal yesterday I upgraded some packages from the
> development set and now various programs report "buffer overflow detected"
> and like messages, and abort. These programs include bash and my usual
> mail reader. I've reverted my glibc to 2.3.4 from fedora-updates and
> things are a bit better but not totally fixed, so I figure I've still
> got some more packages to locate and revert:-(

please please please file bugs about these... we really have to fix all
of these urgently since buffer overflows are one of the most dangerous
security exploit vectors!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20050414/638bd613/attachment.sig>


More information about the fedora-devel-list mailing list