last evening (27.01.2015) a critical security issue was identified underÂ
CVE-2015-0235 in the Linux system library .
The vulnerability is rated "critical" in many Linux distributions,Â
however it only affects a limited number of programs. These include theÂ
exim mailserver and procmail mailserver. All common distributions haveÂ
already issued an update.
You can find further details in this article:Â
http://www.openwall.com/lists/oss-security/2015/01/27/9
The following versions are no longer vulnerable.
Debian 6 - 2.11.3-4+deb6u4
Debian 7 - 2.13-38+deb7u7
CentOS 5 - 2.5-123.el5_11.1
CentOS 6 - 2.12-1.149.el6_6.5
CentOS 7 - 2.17-55.el7_0.5
You can use the following commands to install the update.
Debian/Ubuntu: apt-get update; apt-get install --only-upgrade libc6
RedHat-based (Fedora, CentOS, Scientific Linux): yum update glibc
You should reboot the server after the update so that all services canÂ
load the new library.
We would always strongly recommend updating your system regularly. IfÂ
you need help with this then our support will gladly provide help andÂ
advice.
Best Regards
Your Support-Team
Thursday, January 29, 2015