Hello LDM Users,
The UPC has become aware of a security vulnerability in the XDR
library. The XDR library is used by the remote procedure call (RPC)
functions used by the LDM. Further information about the vulnerability
is provided at http://www.cert.org/advisories/CA-2002-25.html.
The LDM links with the relevant libraries (libnsl and libc or glibc)
dynamically. This means that the vulnerability is not part of the LDM
code per se (including binaries we provide), so we can not fix the
problem. Rather, sites must upgrade their libraries when patches become
available. The web site above includes vendor information for patches.
At this time not all vendors have made patches available, but if you
follow the site they will post information from vendors when they
receive it.
We advise you to apply the patches from your vendor when they become
available.
Please send any questions to support@xxxxxxxxxxxxxxxx. Thank you for
your attention.
Anne
--
***************************************************
Anne Wilson UCAR Unidata Program
anne@xxxxxxxxxxxxxxxx P.O. Box 3000
Boulder, CO 80307
----------------------------------------------------
Unidata WWW server http://www.unidata.ucar.edu/
****************************************************
