[tor-relays] CVE-2015-7547 Tor network stats
lcn at fastmail.net
Tue Feb 23 07:59:44 UTC 2016
Based on the exploit, aren't, at most, only the exits vulnerable? I
didn't think middles would do any DNS resolving.
Those like me running debian and putting off doing a reboot might find
needrestart (package of same name) and checkrestart (package
On Tue, 23 Feb 2016, at 07:16 AM, Dmitrii Tcvetkov wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> On Mon, 22 Feb 2016 21:16:42 -0800
> Saint Aardvark the Carpeted <aardvark at saintaardvarkthecarpeted.com>
> > Most libraries aren't so central to everything that runs in Linux, and
> > restarting the programs that use the library in question is a
> > perfectly fine way to ensure you get the new library loaded. But libc
> > is so very central to absolutely *everything* (or nearly so) in Linux
> > that the best way to ensure everything gets the new, patched versions
> > is simply to reboot.
> It is true, but still reboot should not be so essential for glibc
> upgrade. You can just restart (not reload, SIGHUP will not help) services
> on your server and they will load new glibc. This will allow
> yout to delay server reboot until next kernel upgrade.
> IOW server reboot is easier but is not necessary.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> -----END PGP SIGNATURE-----
> tor-relays mailing list
> tor-relays at lists.torproject.org
More information about the tor-relays