
Thread: GHOST glibc Linux Remote Code Execution Vulnerability / gethostbyname CVE-2015-0235

  1. #21
    Join Date
    Oct 2004
    Location
    A Coruña, Spain
    Posts
    6,786
    Ok, thank you

    Regards
    SeLLeRoNe - Andrea Iannucci
    Head of Managed Service - Senior DevOps Engineer
    If you need my support write me an E-Mail to Support@CrazyNetwork.it

  2. #22
    Join Date
    Apr 2009
    Posts
    2,391
    Originally posted by SeLLeRoNe:
        Is the reboot required after the update?
    GLIBC GHOST - do you really have to reboot? http://cloudlinux.com/blog/clnews/614.php

  3. #23
    Join Date
    Oct 2004
    Location
    A Coruña, Spain
    Posts
    6,786
    So my guess was valid xD

    Not a big issue, a reboot last night took 3mins... no one noticed it xD

    Regards
    SeLLeRoNe - Andrea Iannucci
    Head of Managed Service - Senior DevOps Engineer
    If you need my support write me an E-Mail to Support@CrazyNetwork.it

  4. #24
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    4,084
    I was just wondering.
    It was said this security flaw was already present since 2010 and fixed with a glibc update later on. Only thing was they did not know there was an issue they fixed.
    You can also read this in the statements:
    We identified a number of factors that mitigate the impact of this
    bug. In particular, we discovered that it was fixed on May 21, 2013
    (between the releases of glibc-2.17 and glibc-2.18).
    So am I correct nobody's vulnerable, as long as they upgraded their OS every time (like doing a weekly yum update and update kernels and glibc etc. etc.)?
    Greetings, Richard.

  5. #25
    Join Date
    May 2008
    Location
    The Netherlands
    Posts
    1,189
    Originally posted by Richard G:
        I was just wondering.
        It was said this security flaw was already present since 2010 and fixed with a glibc update later on. Only thing was they did not know there was an issue they fixed.
        You can also read this in the statements:

        So am I correct nobody's vulnerable, as long as they upgraded their OS every time (like doing a weekly yum update and update kernels and glibc etc. etc.)?
    It says right after that:

    Unfortunately, it
    was not recognized as a security threat; as a result, most stable and
    long-term-support distributions were left exposed (and still are):
    Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7,
    Ubuntu 12.04, for example.
    So everyone using normal yum updates was vulnerable, up to a few days ago when they updated the packages.
    ~ Arieh

  6. #26
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    4,084
    Well that's the part I don't understand.
    I thought those systems were left exposed because maybe a lot of admins don't update with yum.

    So what I don't understand is.... it's fixed in 2013, but not recognized as a threat. But it -is- fixed. So if you upgraded in 2013 to that fixed version, how can there be systems left exposed?
    Isn't it so that this can only happen if people did not upgrade to that new glibc in 2013?

    I don't quite understand this, looks contradictory to me (or how do you say that in English).

    Just in Dutch because I know you understand this.
    So if there was a new version in 2013 with a fix, then surely it doesn't matter whether or not they knew they had fixed a hole? That new 2013 version is then a fixed version, so if you updated glibc back then, you should be safe, right?
    That's why I don't understand that second part of the text. I thought the second part only applied to admins who install and never update afterwards.
    Greetings, Richard.

  7. #27
    Join Date
    May 2008
    Location
    The Netherlands
    Posts
    1,189
    I think you'll get it in English

    Distributions like CentOS, Debian etc. don't use clean releases of software in their packages; they maintain them themselves. That way people can install it faster, and the software is modified to fit the OS's standards, paths and updating things.

    So if there are updates for the software/libraries etc., they often just take the specific changes in the updates and apply them to their own packages. For instance, it is fixed in glibc 2.18, but Debian 7's most recent package is 2.13-38+deb7u7, in which they fixed the bug.
    ~ Arieh
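
The point of post #27, as an added example that is not part of the thread or any distribution's tooling: a check that only compares the upstream version number against 2.18 misjudges Debian 7's patched package, so the comparison has to be made against the distribution's fixed package version. The ordering rules follow dpkg's version comparison; `2.13-38+deb7u6` is a constructed sample of an older package revision.

```python
import re
from itertools import zip_longest

UPSTREAM_FIX = "2.18"             # thread: fixed between glibc-2.17 and glibc-2.18
DEBIAN7_FIXED = "2.13-38+deb7u7"  # thread: Debian 7 package with the backported fix

def _order(ch):
    # dpkg ordering: end-of-string is 0, '~' sorts before it, letters before symbols
    if ch in ("", "~"):
        return 0 if ch == "" else -1
    return ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    # Compare alternating non-digit / digit runs, as dpkg does
    pairs = zip_longest(re.findall(r"(\D*)(\d*)", a),
                        re.findall(r"(\D*)(\d*)", b), fillvalue=("", ""))
    for (sa, na), (sb, nb) in pairs:
        for ca, cb in zip_longest(sa, sb, fillvalue=""):
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
        if int(na or 0) != int(nb or 0):
            return -1 if int(na or 0) < int(nb or 0) else 1
    return 0

def split_version(v):
    # [epoch:]upstream[-revision]; a missing epoch or revision compares as 0
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def deb_compare(a, b):
    ea, ua, ra = split_version(a)
    eb, ub, rb = split_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def naive_is_fixed(pkg):
    # Flawed: looks only at the upstream part, so a backported fix is invisible
    return _cmp_part(split_version(pkg)[1], UPSTREAM_FIX) >= 0

def debian7_is_fixed(pkg):
    # Correct for Debian 7: compare against the distribution's fixed package version
    return deb_compare(pkg, DEBIAN7_FIXED) >= 0

if __name__ == "__main__":
    for pkg in (DEBIAN7_FIXED, "2.13-38+deb7u6"):  # second value is a constructed sample
        print(pkg, "naive:", naive_is_fixed(pkg), "package-aware:", debian7_is_fixed(pkg))
```

On a Debian system the installed version string to feed in comes from `dpkg-query -W -f='${Version}' libc6`.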

  8. #28
    Join Date
    Jul 2006
    Location
    Israel
    Posts
    473
    Now a new kernel has been released
    for CentOS 7:
    kernel-3.10.0-123.20.1.el7

  9. #29
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    4,084
    @Arieh: Aha, like that. No sorry I did not know that they only took out what was needed. I thought if there were upgrades, it was updated as fully as possible, but only make them compatible to work under their OS.
    It seems I was wrong. And now I do understand why it was still vulnerable. Thank you for explaining. Indeed I understood this in English too.
    Greetings, Richard.
