Is this a Security Problem with Pfsense
-
https://security.googleblog.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
Is this a problem with Pfsense?
What network adjustment should be done to protect devices that have not been patched?
-
@https://blog.des.no/2016/02/freebsd-and-cve-2015-7547/:
First of all: neither FreeBSD itself nor native FreeBSD applications are affected. While the resolver in FreeBSD’s libc and GNU libc share a common ancestry, the bug was introduced when the latter was rewritten to send A and AAAA queries in parallel rather than sequentially when the application requests both.
-
The base FreeBSD has never used glibc and never will because of the licence.
-
What about the second question. Is there a rule I can apply to protect unpatched devices?