Bernd on Nostr: Strange that the text on the qualys website would say that it affects "glibc-based ...
Strange that the text on the qualys website would say that it affects "glibc-based Linux systems" (which are effectively all Linux systems), but the "official" mitre CVE site only talks about the race condition in the sshd server, without reference to any particular libc flavour.
The reference to glibc at first made it seem that NetBSD might be safe, but alas, it is also affected. The fix is quick and easy if you only operate a few systems.
Also noteworthy that this was only the second NetBSD Security advisory in 2024.
Published at
2024-07-02 22:52:31Event JSON
{
"id": "0470082efdfedcfd5792992260a7011264734f4c0634fa27f90a738b9e698fd9",
"pubkey": "97068843b603e21b17d20462bfa83d6e22effec45ca255ed50cacba366dae859",
"created_at": 1719960751,
"kind": 1,
"tags": [
[
"proxy",
"https://digitalcourage.social/@hopfgeist/112719347840701222",
"web"
],
[
"p",
"e21e58873cf62cc947b00cd059423a6b37f3c191cf4539e418d605ed7e91ade6"
],
[
"e",
"f976927f560b052e5ae084c6d2a3e2978d735203ed94ea8f4a041aa4406384fd",
"",
"root"
],
[
"proxy",
"https://digitalcourage.social/users/hopfgeist/statuses/112719347840701222",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://digitalcourage.social/users/hopfgeist/statuses/112719347840701222",
"pink.momostr"
],
[
"expiration",
"1722687718"
]
],
"content": "Strange that the text on the qualys website would say that it affects \"glibc-based Linux systems\" (which are effectively all Linux systems), but the \"official\" mitre CVE site only talks about the race condition in the sshd server, without reference to any particular libc flavour.\n\nThe reference to glibc at first made it seem that NetBSD might be safe, but alas, it is also affected. The fix is quick and easy if you only operate a few systems.\n\nAlso noteworthy that this was only the second NetBSD Security advisory in 2024.",
"sig": "1e0b3dbdd0f76502a0d31953f65a8d2b08f39359b7c5a546caa7ef63c80f9287826c21455daa210055c8bef7100ef0376e1c277b4f0e56b1be9bb82c785a74f1"
}
