> is the latest system vm template vulnerable to CVE-2015-7547 > (https://security-tracker.debian.org/tracker/CVE-2015-7547)? > I cannot find anything about it in the mailinglist and/or CS page.
If you ssh into the system-VMs, you'll find the vulnurable version of libc. to mitigate this, we've updated the libc (and only the installed libc-packages) in the running system-VMs and rebooted them. Additionally, we've updated the libc in the respective template. Since we're using XenServer, thats a vhd located at the 2nd. storage, which we've chroot'ed into, using blktap2, kpartx and mount. cheers, - Stephan
