For RHEL/COS 5 ???

--
Davide E. Bovolenta
Multimedia sas
via Borsi, 18 – 28100 Novara - Italy
Phone +39.0321.1833378
Fax +39.0321.621494
Mobile +39.340.3602035
The information contained in this e-mail message is confidential and intended only for the use of the individual or entity named above. If you are not the intended recipient, please notify us immediately by telephone or e-mail and destroy this communication. Due to the way of the transmission, we do not undertake any liability with respect to the secrecy and confidentiality of the information contained in this e-mail message.

From: Dan McAllister <[email protected]>
Reply-To: <[email protected]>
Date: Friday, 19 February 2016 17:08
To: "[email protected]" <[email protected]>
Subject: [qmailtoaster] glibc Critical Vulnerability - PLEASE READ!

Gentle Readers:

Google and Red Hat have independently discovered a serious vulnerability in glibc, present since the release of version 2.9 -- remote code execution is more than just a theoretical possibility!

Detailed technical details are available on the Google security blog at https://googleonlinesecurity.blogspot.ca/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html, but essentially, the glibc DNS client-side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. (This is the access of the servers listed in /etc/resolv.conf to execute DNS lookups - and has NOTHING TO DO with hosting your own DNS server or resolver!)

If you are running a mail server (QMail or other), you are relying HEAVILY on this library ... at EXACTLY the crux of this vulnerability!

Do yourself a favor and update TODAY (or, at the very least, over the weekend!).

If you are running RHEL or CentOS 6 or 7, you are likely vulnerable. (If you are still on RHEL or CentOS 4 or 5, your procrastination has accidentally served you well - you never got the update to 2.9, and so while you do have other vulnerabilities, you don't have THIS ONE!)

Red Hat has released a PATCH -- and in 6, you will have to reboot to effect the change. Fortunately, in 7 there is a command that will swap in the new glibc "live". (See below)

The earliest PATCHED versions of glibc for RedHat/CentOS are:

- RHEL/COS 6 : glibc-2.12-1.166.el6_7.7
- RHEL/COS 7 : glibc-2.17-106.el7_2.4

NOTE: On 7, you can run the command:

    systemctl daemon-reexec

to load the updated library, and thus avoid a reboot.

If you haven't updated your system within the past day or two, you likely need this patch! A simple

    yum update -y

should get you the newest version, as the REPOs should all have the latest release by now.

Have a good weekend! LOL

Dan McAllister
IT4SOHO

PS: Yes, I have over 40 Linux servers that will have to be managed in the next 2-3 days... happy working weekend for me!
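Added example (my own, not code from Dan's message or the qmailtoaster project): a POSIX shell check that reports whether an installed glibc build is at or past the earliest patched builds listed above, so the "did my yum update actually land the fix?" question can be answered per host. The function names and the simplified segment-wise version comparison (not full rpmvercmp) are assumptions of mine; the installed build string is assumed to come from rpm's %{VERSION}-%{RELEASE} query format.

```shell
#!/bin/sh
# Earliest patched glibc version-release per RHEL/CentOS major, as quoted
# in the message above (EL5 and earlier ship glibc < 2.9 and have no fix).
patched_vr() {
    case "$1" in
        6) echo "2.12-1.166.el6_7.7" ;;
        7) echo "2.17-106.el7_2.4" ;;
        *) return 1 ;;
    esac
}

# Compare two RPM version-release strings segment by segment, printing
# -1, 0 or 1. Simplified rpmvercmp (my assumption): split on non-alphanumerics,
# numeric segments compare numerically, everything else lexically.
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[^A-Za-z0-9]+/); nb = split(b, y, /[^A-Za-z0-9]+/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (i > na) { print "-1"; exit }
            if (i > nb) { print "1"; exit }
            if (x[i] ~ /^[0-9]+$/ && y[i] ~ /^[0-9]+$/) {
                if (x[i] + 0 < y[i] + 0) { print "-1"; exit }
                if (x[i] + 0 > y[i] + 0) { print "1"; exit }
            } else {
                if (x[i] < y[i]) { print "-1"; exit }
                if (x[i] > y[i]) { print "1"; exit }
            }
        }
        print "0"
    }'
}

# glibc_patched <major> <installed version-release>: exit 0 if the build is
# at or past the patched one, 1 if older, 2 if no patched build is listed.
glibc_patched() {
    want=$(patched_vr "$1") || { echo "no patched glibc listed for EL$1" >&2; return 2; }
    [ "$(vercmp "$2" "$want")" -ge 0 ]
}

# Stand-alone use on a host, e.g.:
#   sh check_glibc.sh 7 "$(rpm -q --qf '%{VERSION}-%{RELEASE}' glibc)"
if [ "$#" -eq 2 ]; then
    if glibc_patched "$1" "$2"; then
        echo "glibc $2 on EL$1: patched"
    else
        echo "glibc $2 on EL$1: not at the patched build, run: yum update -y"
    fi
fi
```

On EL7 remember that a newer package on disk is not enough: long-running daemons keep the old library mapped until they are restarted or the system is re-executed as the message describes.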
