On freesco 0.4.4, the command "ldd -v" yield the following result:
ldd: version 1.9.9Hence, if I righlty understand the advisory
http://www.openwall.com/lists/oss-security/2015/01/27/9, freesco is not vulnerable concerning de Ghost security threat since the glibc version is used is not affected by the vulnerability:
- The first vulnerable version of the GNU C Library is glibc-2.2,
released on November 10, 2000.
- We identified a number of factors that mitigate the impact of this
bug. In particular, we discovered that it was fixed on May 21, 2013
(between the releases of glibc-2.17 and glibc-2.18). Unfortunately, it
was not recognized as a security threat; as a result, most stable and
long-term-support distributions were left exposed (and still are):
Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7,
Ubuntu 12.04, for example.
Concerning the heartblead flaw, it concerns openssl which is there only if you did manually install it. In that case, you should check the version you installed and eventually take do whatever is necessary to patch ou install a safer verson.
Good luck.