GHOST bug glibc vulnerability (CVE-2015-0235)

Talk here about security in general. Posting illegals software is prohibited. All stuffs in this forum must be considered as for "Educational purpose only".
Post Reply
ElectriQT
Samurai
Samurai
Posts: 116
Joined: 10 Nov 2013, 12:02
Distribution: LXDE3.5Manjaro, LXDE3.01-32bit
Location: Sweden

GHOST bug glibc vulnerability (CVE-2015-0235)

Post#1 by ElectriQT » 29 Jan 2015, 01:20

Hi,
https://isc.sans.edu/diary/New+Critical ... T%29/19237
http://www.openwall.com/lists/oss-security/2015/01/27/9
https://threatpost.com/of-ghost-glibc-v ... its/110719

Maybe already in the pipe, or fixed?
My Usm and Psc says updated,
(LXDE 3.01)
but:

Code: Select all

root@porteus:/# ldd --version
ldd (GNU libc) 2.17
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.
Please look in to this, if we need an update, as it seems so to me.

usm could not find anyting at "glibc" or ldd,
is that normal?

Kind regards

beny
Full of knowledge
Full of knowledge
Posts: 724
Joined: 02 Jan 2011, 11:33
Location: italy

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#2 by beny » 29 Jan 2015, 09:11

hi, glibc it is part of porteus core so any update of version require the build of a new core slackware patches are ready yet for this issue,maybe fanthom can adds the security patches of slackware to porteus core,so we have a rock system to use.

User avatar
fanthom
Site Admin
Site Admin
Posts: 4567
Joined: 28 Dec 2010, 02:42
Distribution: Porteus Kiosk
Location: Poland, currently - Cork, IE
Contact:

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#3 by fanthom » 29 Jan 2015, 11:04

why not to use USM to download it from Slackware patches? same applies to latest CVE for flashplayer which looks quite dangerous (remote code execution):
https://bugs.gentoo.org/show_bug.cgi?id=537426

you can get latest flashplayer from alien repo.
Please add [Solved] to your thread title if the solution was found.

ElectriQT
Samurai
Samurai
Posts: 116
Joined: 10 Nov 2013, 12:02
Distribution: LXDE3.5Manjaro, LXDE3.01-32bit
Location: Sweden

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#4 by ElectriQT » 30 Jan 2015, 00:53

fanthom wrote:why not to use USM to download it from Slackware patches? same applies to latest CVE for flashplayer which looks quite dangerous (remote code execution):
https://bugs.gentoo.org/show_bug.cgi?id=537426

you can get latest flashplayer from alien repo.
Im not yet (..in no way) a Porteus pro, as I dont understand usm for example.. :-)

1.
I tried to download glibc, but there is nothing like that in my usm(GUI) searches. No results.

2.
I also later tried To download and convert "alien" Firefox 31.4, no success, after deactivation of my old FF31.3 module and activation of the new, it will now not start up a Firefox. But FF are in the Menus, so I guess the activation-stuff did go OK. Hmm, no idea what to do then.

(So I had to go back to .425 in that computer)



( Hmm, the pluginchek says Firefox it self is old, but do say that our Flashplayer .425 are OK (and it is NOT ok now = a bug)
why do we, or they(?) still have this bug with security-check of plugins, is this a problem only in Porteus-FFirefox-plugincheck?, ...or is it a global problem that just nobody cares about? :shock: Not good when less updated people check their not updated plugins and get a "green light" on dangerous stuff.. And It has been like this for very long time at Mozilla, at least since .424 of flash last year...)

Try here and see if you get the same (bug) result on a new Porteus iso:
https://www.mozilla.org/en-US/plugincheck/

Looks like you’re using an older version of Firefox.

Update your Firefox

Plugin Status

Step 1: Click Update to update a plugin.
Step 2: Complete all recommended updates before restarting your browser.

These plugins are up to date Plugin Status Action
Shockwave FlashShockwave Flash 11.2 r202 Up to Date
11.2.202.425

ElectriQT
Samurai
Samurai
Posts: 116
Joined: 10 Nov 2013, 12:02
Distribution: LXDE3.5Manjaro, LXDE3.01-32bit
Location: Sweden

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#5 by ElectriQT » 30 Jan 2015, 02:42

Hmm,
Now when I try, I get this errors popping up in USM (GUI):
- - - - -
Processing:
Could not find: LIBS.TXT
- - - - -

and another window:
- - - -
Fatal error
LIBS.TXT
[OK]
- - - -



[Edit]

Hmm..
I found a possible USM-bug that probably prevented a correct function of usm.
I some time ago changed computer (or removed some usbs..) the active storage was therefore renamed from sdc to the sdb drive, but the settings of my used storage place in usm (GUI) seems to NOT have fixed *all* the lines that it should have done in the config file, after this re-config. Now "/sdb1/usm/" is the correct one, but I still see one line of "sdc" in the file.

And the thing is.. I dont have a physical "sdc" any more.
So I assume Porteus still holds this old drive "in ramdisk", as it still shows up here in /mnt/sdc1. Not sure why or how that works.

here is a snip from inside the usm-config file, where I spotted the possible bug/problem in the GUI-app:


AUTOCHECK=true

# Storage of database files (e.g PACKAGES.TXT)
DBDIR=/mnt/sdc1/usmsaker
THIS IS OLD! And I assume it also should have changed when GUI did change the storage place. This place "sdc1" dont exist IRL at all any more, but files are still there in the RAM-filesystem. (hmm , did I understand this correct ? I can go to /mnt/sdc1/usmsaker/local/libs.txt and open the file.., that one USM complains about(if I use low cases-letters), but as "sdc1" dont exists as real drive here any more..where ARE they now actually placed IRL then? Do I actually got an virtual sdc-"drive" with some (un-used) files stored inside my saves-modue at my sdb1 now? :-) A bit confusing sometimes. )

# usm works with the repositories of various slackware based distros.
# The variable below is used to find the mirror for each distro given.
# The mirror files are stored in ${DBDIR}/mirrors-distro.txt
DISTROS="slackware slackwarepatches slacky salix alien ponce"

# Where packages will be downloaded to.
STORAGE=/mnt/sdb1/usm
This is the new and "real" place at the flash memory that I have set in the GUI.

beny
Full of knowledge
Full of knowledge
Posts: 724
Joined: 02 Jan 2011, 11:33
Location: italy

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#6 by beny » 30 Jan 2015, 10:43

hi as you know firefox in porteus have a core package,you can remove it only pulling away from porteus core modules after this you can install the other firefox.xzm,but with the changes actived you have some trouble with,also the glibc package you can remove it and install the patched version,but when the changes directory for any reason not work well you can damage your system,well you can run porteus in fresh mode but you have the old system running on,you can find all you need in slackware patches directory via usm.

User avatar
brokenman
Site Admin
Site Admin
Posts: 5461
Joined: 27 Dec 2010, 03:50
Distribution: Porteus v3.2rcX all desktops
Location: Brazil
Contact:

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#7 by brokenman » 30 Jan 2015, 12:58

ldd is in the glibc-solibs package of slackware.

ElectriQT why are you posting USM bugs in this thread? Please repost in the USM bugs thread and I will check it out. Thanks.
How do i become super user?
Wear your underpants on the outside and put on a cape.

ElectriQT
Samurai
Samurai
Posts: 116
Joined: 10 Nov 2013, 12:02
Distribution: LXDE3.5Manjaro, LXDE3.01-32bit
Location: Sweden

Re: GHOST bug glibc vulnerability (CVE-2015-0235)

Post#8 by ElectriQT » 01 Feb 2015, 03:24

brokenman wrote:ldd is in the glibc-solibs package of slackware.

ElectriQT why are you posting USM bugs in this thread? Please repost in the USM bugs thread and I will check it out. Thanks.
Hi,
-It was mostly a reply to Fanthoms "why not use usm". Usm did not work.

Thanx Beny:
Now I Updated flash and firefox manually,
( probably my usm is broken in some way, if all other people have no such problems. )
So I downloaded the FlashPlayer x.440 from a webpage instead. It seems to work good.
http://www.slackware.com/~alien/slackbu ... g/current/
Then I also downloaded a new Firefox 31.4
(mozilla-firefox-31.4.0esr-i486-1_slack14.1.txz http://ftp.slackware.com/pub/slackware/ ... /packages/ )
That works great now, but it was probably not the correct file to use for Porteus(?), as I lost all my browsehistory, the bookmarks and my plugins.
I then restored my bookmarks from a html-export-bakup that I had made before the update,
and I reinstalled the plugins again.

It even seems to work better than before, have not seen any memory leak yet.

Post Reply