An audit of our glibc packages in Red Hat Enterprise Linux found a
potential flaw in the resolver which was part of a security update to
BIND 4 in November 2002.
glibc as provided by Red Hat Enterprise Linux 2.1 does not include
this patch. We're investigating to see if this is actually an issue
for the glibc-2.2.4 as shipped in RHEL2.1 or is mitigated by other
changes, but will include the fix in the next update in any event.
glibc-2.2.4-32.17 is in dist-2.1AS-errata-candidate.
An errata has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.