Skip to Content.
Sympa Menu

perfsonar-announce - GHOST vulnerability

Subject: perfSONAR Announcements

List archive

GHOST vulnerability


Chronological Thread 
  • From: Andrew Lake <>
  • To: "" <>, perfsonar-announce <>
  • Subject: GHOST vulnerability
  • Date: Tue, 27 Jan 2015 13:00:47 -0500

Hi,

This morning a new vulnerability in glibc was announced currently going by
the name of GHOST. You can find more info here:

http://www.openwall.com/lists/oss-security/2015/01/27/9

The problem can be triggered remotely through the gethostbyname function.
This problem is not specific to the perfSONAR Toolkit and has the potential
to impact many common Linux services. RedHat and CentOS do not yet have a
patch available but expect one soon. The RedHat page where this CVE is being
tracked can be found here:

https://access.redhat.com/security/cve/CVE-2015-0235

We will let you know when an update is available. If you have auto-updates on
you should get the update shortly after it comes out, though it may require a
system reboot to ensure all required services are updated properly (we will
let you know for sure when the update is available). Thanks for your patience
in the matter and we will do our best to keep you updated as more information
arrives

Thank you,
The perfSONAR team

  • GHOST vulnerability, Andrew Lake, 01/27/2015

Archive powered by MHonArc 2.6.16.

Top of Page