Joern, yes, that's what's happening, the new libnss_dns is being dynamically loaded (dlopen'ed) but ends up querying the older libresolv/libc, and there was mistakenly an ABI change introduced to cope with CVE-2015-5180.
There are currently test glibc/eglibc packages building in the https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/ that revert this change (as it breaks other things, see bug 1674532). Unfortunately, when the reversion is issued, that will likely mean needing to restart you php-fpm processes again. :( I'm terribly sorry about that. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-5180 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1674733 Title: php_network_getaddresses since last update To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1674733/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs