perfsonar-announce - GHOST vulnerability
Subject: perfSONAR Announcements
List archive
- From: Andrew Lake <>
- To: "" <>, perfsonar-announce <>
- Subject: GHOST vulnerability
- Date: Tue, 27 Jan 2015 13:00:47 -0500
Hi,
This morning a new vulnerability in glibc was announced currently going by
the name of GHOST. You can find more info here:
http://www.openwall.com/lists/oss-security/2015/01/27/9
The problem can be triggered remotely through the gethostbyname function.
This problem is not specific to the perfSONAR Toolkit and has the potential
to impact many common Linux services. RedHat and CentOS do not yet have a
patch available but expect one soon. The RedHat page where this CVE is being
tracked can be found here:
https://access.redhat.com/security/cve/CVE-2015-0235
We will let you know when an update is available. If you have auto-updates on
you should get the update shortly after it comes out, though it may require a
system reboot to ensure all required services are updated properly (we will
let you know for sure when the update is available). Thanks for your patience
in the matter and we will do our best to keep you updated as more information
arrives
Thank you,
The perfSONAR team
- GHOST vulnerability, Andrew Lake, 01/27/2015
Archive powered by MHonArc 2.6.16.