X2Go Bug report logs - #778
affected by CVE 2015-0235: Stop using gethosbyname()

Package: nx-libs; Maintainer for nx-libs is X2Go Developers <x2go-dev@lists.x2go.org>;

Reported by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Date: Sun, 1 Feb 2015 07:05:02 UTC

Severity: important

Done: Stefan Baur <X2Go-ML-1@baur-itcs.de>

Bug is archived. No further changes may be made.

Full log


🔗 View this message in rfc822 format

MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
X-Loop: owner@bugs.x2go.org
From: owner@bugs.x2go.org (X2Go Bug Tracking System)
Subject: Bug#778 closed by Stefan Baur <X2Go-ML-1@baur-itcs.de>
 (Migrating/Closing)
Message-ID: <handler.778.q778.170621950121006.notifdone@bugs.x2go.org>
References: <da7ad473-bf9b-4446-9393-b9d2aa49f49c@baur-itcs.de>
X-X2go-PR-Message: they-closed 778
X-X2go-PR-Package: nx-libs
Date: Thu, 25 Jan 2024 21:55:02 +0000
Content-Type: multipart/mixed; boundary="----------=_1706219702-21226-0"
[Message part 1 (text/plain, inline)]
This is an automatic notification regarding your Bug report
which was filed against the nx-libs package:

#778: affected by CVE 2015-0235: Stop using gethosbyname()

It has been closed by Stefan Baur <X2Go-ML-1@baur-itcs.de>.

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Stefan Baur <X2Go-ML-1@baur-itcs.de> by
replying to this email.


-- 
778: https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=778
X2Go Bug Tracking System
Contact owner@bugs.x2go.org with problems
[Message part 2 (message/rfc822, inline)]
From: Stefan Baur <X2Go-ML-1@baur-itcs.de>
To: 778-quiet@bugs.x2go.org
Subject: Migrating/Closing
Date: Thu, 25 Jan 2024 22:51:36 +0100
Control: close -1
Control: archive -1

This issue is now being tracked in the Arctica Issue Tracker over on 
Github: <https://github.com/ArcticaProject/nx-libs/issues/1070>

Kind Regards,
Stefan Baur
-- 
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243

[Message part 3 (message/rfc822, inline)]
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: submit@bugs.x2go.org
Subject: affected by CVE 2015-0235: Stop using gethosbyname()
Date: Sun, 01 Feb 2015 08:04:41 +0100
Package: src:nx-libs
Severity: important

The NX source code uses gethostbyname() at several locations and is potentially affected by CVE 2015-0235 (GHOST security issue in glibc).

We should move towards using getaddrinfo() asap.

Mike


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976148

GnuPG Key ID 0x25771B13
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Nov 21 15:38:38 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.