Security issue in libraries used by LDM

Hello LDM Users,

The UPC has become aware of a security vulnerability in the XDR
library.  The XDR library is used by the remote procedure call (RPC)
functions used by the LDM.  Further information about the vulnerability
is provided at http://www.cert.org/advisories/CA-2002-25.html.

The LDM links with the relevant libraries (libnsl and libc or glibc)
dynamically.  This means that the vulnerability is not part of the LDM
code per se (including binaries we provide), so we can not fix the
problem.  Rather, sites must upgrade their libraries when patches become
available.  The web site above includes vendor information for patches. 
At this time not all vendors have made patches available, but if you
follow the site they will post information from vendors when they
receive it.

We advise you to apply the patches from your vendor when they become
available.

Please send any questions to support@xxxxxxxxxxxxxxxx.  Thank you for
your attention.

Anne
-- 
***************************************************
Anne Wilson                     UCAR Unidata Program            
anne@xxxxxxxxxxxxxxxx                  P.O. Box 3000
                                  Boulder, CO  80307
----------------------------------------------------
Unidata WWW server       http://www.unidata.ucar.edu/
****************************************************

  • 2002 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the ldm-users archives: