critical security flaw on Linux operation systems

  • Monday, 2nd February, 2015
  • 11:40am
Dear Customer / Reseller,


last evening a critical security issue was identified under 
CVE-2015-0235 in the Linux system library .
The vulnerability is rated "critical" in many Linux distributions, 
however it only affects a limited number of programs. These include the 
exim mailserver and procmail mailserver. All common distributions have 
already issued an update.

You can find further details in this article: 
http://www.openwall.com/lists/oss-security/2015/01/27/9


The following versions are no longer vulnerable.

Debian 6 - 2.11.3-4+deb6u4
Debian 7 - 2.13-38+deb7u7
CentOS 5 - 2.5-123.el5_11.1
CentOS 6 - 2.12-1.149.el6_6.5
CentOS 7 - 2.17-55.el7_0.5


You can use the following commands to install the update.

Debian/Ubuntu: apt-get update; apt-get install --only-upgrade libc6
RedHat-based (Fedora, CentOS, Scientific Linux): yum update glibc


You should reboot the server after the update so that all services can 
load the new library.

We would always strongly recommend updating your system regularly. If 
you need help with this then our support will gladly provide help and 
advice.


Best Regards
Your Support-Team

« Back