[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] CVE-2015-7547 Tor network stats



Based on the exploit, aren't, at most, only the exits vulnerable? I
didn't think middles would do any DNS resolving.

Those like me running debian and putting off doing a reboot might find
needrestart (package of same name) and checkrestart (package
debian-goodies) useful.

On Tue, 23 Feb 2016, at 07:16 AM, Dmitrii Tcvetkov wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On Mon, 22 Feb 2016 21:16:42 -0800
> Saint Aardvark the Carpeted <aardvark@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> wrote:
> > Most libraries aren't so central to everything that runs in Linux, and
> > restarting the programs that use the library in question is a
> > perfectly fine way to ensure you get the new library loaded.  But libc
> > is so very central to absolutely *everything* (or nearly so) in Linux
> > that the best way to ensure everything gets the new, patched versions
> > is simply to reboot.
> > 
> It is true, but still reboot should not be so essential for glibc
> upgrade. You can just restart (not reload, SIGHUP will not help) services
> on your server and they will load new glibc. This will allow
> yout to delay server reboot until next kernel upgrade. 
> 
> IOW server reboot is easier but is not necessary.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> 
> iQEcBAEBCAAGBQJWzAdnAAoJEG7QE8vSCezkgTkIAL/B0wBlY/TEvinnIPjj3SLO
> loZLceYMnxEscnPTmEGCFY/9w2T+0XCW/sFSOrGd9ji9V5Fubuo06wzqUStsuLwq
> HaMuaCLFo4cSI1nHyx99Uu5WG0/Oy2HAVHOsoSSyKT+2XkCKxii4KKtSCXxIUbHk
> gUujxXTNhknh8hIXS66mgVIYB26r1rLDcHTO7/LGPcooJjrnP+RbDobEk5e/yqEI
> NMQjVDienm/+xWmIBfQBJp98Fi0+I79u4duSs06lRD95mKyxB8oUqw9eD6VOHHwB
> 0MQQbRO67mqFrCTi1T1WhSjjj4xsvLfjQSf31PfZm/PCEL6aJ3LFoTP6VkPjMjY=
> =6tI4
> -----END PGP SIGNATURE-----
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays