[tor-relays] CVE-2015-7547 Tor network stats

Saint Aardvark the Carpeted aardvark at saintaardvarkthecarpeted.com
Tue Feb 23 05:16:42 UTC 2016

SuperSluether disturbed my sleep to write:
> Hi,
> My Raspberry Pi and Ubuntu Server already have the updated version of libc6.
> Is a reboot still required? I thought only kernel updates required a reboot.

When you update a shared library, any running program that uses that
library still has the *old* copy in memory until that program is
restarted.  Say you've got a program named "foo" running on your
server that uses a library named "libbar", and you upgrade libbar
without restarting foo.  The running instance of foo still has the
*old* version of libbar in its memory, and will not get the new one
until it's restarted.

Most libraries aren't so central to everything that runs in Linux, and
restarting the programs that use the library in question is a
perfectly fine way to ensure you get the new library loaded.  But libc
is so very central to absolutely *everything* (or nearly so) in Linux
that the best way to ensure everything gets the new, patched versions
is simply to reboot.

Saint Aardvark the Carpeted
Because the plural of Anecdote is Myth.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160222/0542d8a0/attachment.sig>

More information about the tor-relays mailing list