Re: [Tails-dev] Is Tails affected by the CVE-2015-7547 glibc…

This message is part of the following thread:
Mthe complete thread tree sorted by date
Mco at <-
MJurre van Bergen at ->
Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Is Tails affected by the CVE-2015-7547 glibc getaddrinfo() vulnerability?
Hi,

my understanding is that clients that use Tor SOCKS port for name
resolution are fine.

For clients who use the DNSPort, it's not clear to me if an
attacker-controlled payload can make it's way from the exit node being
used for the name resolution to the client. Has anyone looked
into this?

Cheers,
--
intrigeri

This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-[Tails-dev] [Tails - Feature #10972] Port Tails to ARM platformsRe: [Tails-dev] Is Tails affected by the CVE-2015-7547 glibc getaddrinfo() vulnerability?->
lists.autistici.org administrated by postmasterLurker (version 2.3)