[Triumf-linux-managers] Security update for glibc on Enterprise Linux (SL, CentOS..)
Andrew Daviel
advax at triumf.ca
Tue Jan 27 17:32:17 PST 2015
A vulnerability has been found in glibc that, while inadvertently fixed in
consumer versions of Linux, remains in the stable/enterprise versions such
as RHEL and therefore in Scientific Linux and CentOS.
Managers should update glibc and, as a precaution, restart any
public-facing services such as mail or web servers that may call
gethostbyname() (a running process keeps the old library loaded until it
is restarted).
New versions of glibc are available from mirror.triumf.ca for SL 5/6 and
CentOS 5/6 and should normally be installed automatically (but that will
not restart servers).
e.g. repeat until success (glibc showing a recent build date such as Jan
27 2015):
# rpm -qi glibc | grep -E 'Version|Release|Build Date'
# yum update glibc          (if not up-to-date)
# yum clean metadata        (if required, then retry the update)
then
# service httpd restart
etc.
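As an added example (not part of the post above): after "yum update glibc", any process started before the update still has the old, vulnerable libc mapped until it is restarted. The kernel marks such mappings "(deleted)" in /proc/PID/maps, so this POSIX sh script lists the processes that still need a restart; the sample map lines and paths are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: find processes that still map
# the pre-update libc after the glibc RPM has been replaced on disk.

# maps_has_stale_libc: read /proc/<pid>/maps-style lines on stdin and succeed
# (exit 0) if any mapping is a libc image whose file has since been unlinked,
# which the kernel shows with a trailing "(deleted)".
maps_has_stale_libc() {
    grep -E '/libc(-[0-9.]+)?\.so[^ ]* \(deleted\)$' >/dev/null
}

# stale_libc_pids: scan every process on this host and print "PID COMMAND"
# for those that still map a deleted libc. Run as root to see all users'
# processes; unreadable entries are skipped silently.
stale_libc_pids() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}
        pid=${pid%/maps}
        if maps_has_stale_libc < "$maps" 2>/dev/null; then
            comm=$(ps -o comm= -p "$pid" 2>/dev/null || echo '?')
            printf '%s %s\n' "$pid" "${comm:-?}"
        fi
    done
}

# Constructed sample lines (addresses, inode numbers and paths are made up):
# a process started before the update, and one started after it.
SAMPLE_STALE='7f1a2b000000-7f1a2b18c000 r-xp 00000000 fd:01 131187  /lib64/libc-2.12.so (deleted)
7f1a2b18c000-7f1a2b38c000 ---p 0018c000 fd:01 131187  /lib64/libc-2.12.so (deleted)'
SAMPLE_FRESH='7f1a2b000000-7f1a2b18c000 r-xp 00000000 fd:01 142001  /lib64/libc-2.12.so'

# Live scan only when invoked with --scan, so sourcing the file is side-effect free.
if [ "${1:-}" = "--scan" ]; then
    echo "Processes still using the old libc (restart these):"
    stale_libc_pids
fi
```

Run it as "sh stale_libc.sh --scan" after the update; an empty list means every service has picked up the new library.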
A proof-of-concept remote exploit exists for the Exim mail server.
A test program is included in the openwall post below.
http://www.openwall.com/lists/oss-security/2015/01/27/9
https://rhn.redhat.com/errata/RHSA-2015-0090.html
Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow
--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376 (Pacific Time)
Network Security Manager