I just tested my Debian linode after an apt-get clean, update,
dist-upgrade, and the test program says it is not vulnerable. The upgrade
did install some glibc patches. However, I have glibc 2.13 running. Should
I be concerned?

I found a c program on a site talking about the ghost issue and used it to
test my system.
http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/

mark@swordfish:~/ghost-test$ ldd --version
ldd (Debian EGLIBC 2.13-38+deb7u7) 2.13

I am running Debian GNU/Linux 7 (wheezy).

Thanks,

Mark

On Wed, Jan 28, 2015 at 11:40 AM, Michael Butash <michael@butash.net> wrote:

>  Problem is I'm finding this morning all the hardware vendors that use
> linux under their os, which is pretty much all of them these days from a
> few $100k routers and switches to my dd-wrt box at home, even storage,
> firewalls, etc.  Clients want a fix, now waiting on the vendors again.  :\
>
> Shellshock was the same way, some cases took weeks.  Funny how my Cisco's
> and Arista's are vulnerable to things like shellshock, but my dd-wrt box
> wasn't.  I don't think so lucky with this one though.
>
> -mb
>
>
> On 01/28/2015 10:35 AM, Michael Havens wrote:
>
>  From the mint forums:
> Linux Mint 17, or in fact any distro with glibc newer than 2.17, wasn't
> vulnerable to this. (First ISO of Linux Mint 17 already shipped with glibc
> 2.19.)
>
>
>  :-)~MIKE~(-:
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>