[CentOS] Regarding CVE-2015-1781 vulnerability in Glibc

Fri Jun 5 08:48:03 UTC 2015
Venkateswara Rao Dokku <dvrao.584 at gmail.com>

Thanks for the reply.

Where can we get the info regarding whether its fixed in CentOS 5 or not?

I did rpm -q --changelog <glibc> | grep <CVE>

but I dont find any info on this.

This might means 3 things.
1. The version is not affected so no fix
2. The version is affected, still no fix
3. Fix applied, but not shown in o/p

Thanks

On Fri, Jun 5, 2015 at 2:06 PM, John Tall <mjtallx at gmail.com> wrote:

> On Fri, Jun 5, 2015 at 10:26 AM, Venkateswara Rao Dokku
> <dvrao.584 at gmail.com> wrote:
> > Hi All,
> >
> > I am using CentOS 5.5 with gcc version 2.5.123.el5.
>
> Are you really on 5.5? You should consider updating to 5.11.
>
> > I just wanted to check whether the CVE-2015-1781 is fixed in the current
> > version?
> >
> > How can I do that?
> >
> >
> > Right now I dont have access to that machine, so I wanted to check
> whether
> > its fixed online ( not via shell)?
>
> https://access.redhat.com/security/cve/CVE-2015-1781
>
> I don't know if CentOS has CVE information online. It's fixed in RHEL
> 6 so CentOS 6 should have it too. No word on whether RHEL 5/CentOS 5
> is affected or not.
>
> John
>



-- 
Thanks & Regards,
Venkateswara Rao Dokku.