matthew,
@matthew@social.retroedge.tech avatar

Question on the PHP glibc vulnerability:

Does anyone know a blog post or other documentation for how to turn off the character set that allows the vulnerability in Ubuntu and Debian?

Here's a good blog post by Rocky Linux on the subject, but I'm not sure how to translate the instructions to Debian and Ubuntu.

https://rockylinux.org/pt_BR/news/glibc-vulnerability-april-2024/?language=en

ramsey,
@ramsey@phpc.social avatar

@matthew There’s some information on the official @php website that might be helpful: https://www.php.net/archive/2024.php#2024-04-24-1

toiletpaper,
@toiletpaper@shitposter.world avatar

@matthew

I just did this on my VPS running Ubuntu (focal) 20.04.6 LTS as follows...

sudo $EDITOR /usr/lib/x86_64-linux-gnu/gconv/gconv-modules

search for "ISO2022CNEXT" and comment out lines per above instructions

sudo iconvconfig
iconv -l | grep -E 'CN-?EXT'

derickr,
@derickr@phpc.social avatar

@toiletpaper @matthew there can be multiple gconv-modules files, in other /usr/lib/*/gconv directories

  • All
  • Subscribed
  • Moderated
  • Favorites
  • sysadmin
  • DreamBathrooms
  • magazineikmin
  • thenastyranch
  • Youngstown
  • Durango
  • rosin
  • slotface
  • everett
  • InstantRegret
  • PowerRangers
  • kavyap
  • tsrsr
  • ngwrru68w68
  • khanakhh
  • tester
  • hgfsjryuu7
  • GTA5RPClips
  • osvaldo12
  • cubers
  • tacticalgear
  • ethstaker
  • mdbf
  • vwfavf
  • normalnudes
  • modclub
  • cisconetworking
  • Leos
  • anitta
  • All magazines
    •