FS#8652 — FS#12520 — glibc updates (CVE-2015-0235)
Attached to Project— Distributions/OS
Maintenance | |
Linux | |
CLOSED | |
![]() |
In order to fix the recently disclosed glibc vulnerability (see https://access.redhat.com/articles/1332213 for more details) our distribution images are being updated.
All Linux systems are affected.
Please make sure to update your existing installations as soon as possible:
- OVH Release 3, CentOS, Fedora: use "yum update" to update your system, then restart all services or reboot the server
- Debian, Ubuntu: use "apt-get update; apt-get upgrade" to update your system, then restart all services or reboot the server
- Ubuntu Desktop: use "sudo apt-get update; sudo apt-get upgrade" to update your system, then restart all services or reboot the server
- OVH Release 2: a patch has been prepared and is being tested before rollout.
To test if the vulnerability is fixed on your system you can download and compile "GHOST.c" as follows:
# wget ftp://ftp.ovh.net/made-in-ovh/security/GHOST.c
# gcc -o GHOST GHOST.c
# ./GHOST
Date: Friday, 13 March 2015, 18:26PMAll Linux systems are affected.
Please make sure to update your existing installations as soon as possible:
- OVH Release 3, CentOS, Fedora: use "yum update" to update your system, then restart all services or reboot the server
- Debian, Ubuntu: use "apt-get update; apt-get upgrade" to update your system, then restart all services or reboot the server
- Ubuntu Desktop: use "sudo apt-get update; sudo apt-get upgrade" to update your system, then restart all services or reboot the server
- OVH Release 2: a patch has been prepared and is being tested before rollout.
To test if the vulnerability is fixed on your system you can download and compile "GHOST.c" as follows:
# wget ftp://ftp.ovh.net/made-in-ovh/security/GHOST.c
# gcc -o GHOST GHOST.c
# ./GHOST
Reason for closing: Done
################ OVH Release 2 ################
The patch for OVH Release 2 (based on Gentoo) has been tested
internally, and is now publicly available here:
ftp://ftp.ovh.net/made-in-ovh/release/beta/patch-2.35-2.36.sh
Please note that it has not yet been mass tested. As of now, we advise
against using it on mission-critical servers.
Please also take note that the OVH Release 2 is nearing its end of
life, and support as well as security updates might be limited in
future.
################ OVH Release 2 ################
Release 2.36 is now considered stable. The patch is now available here:
ftp://ftp.ovh.net/made-in-ovh/release/patch-2.35-2.36.sh
and can be executed either its own or using the "patch-all" script (ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh)