About the GNU C Library (glibc) bug CVE-2015-7547

It has been another interesting week from the security perspective, since most administrators have been busy in the past few days patching the latest vulnerability marked as CVE-2015-7547.

It is a buffer overflow in the getaddrinfo() function which is a part of the GNU C Library (glibc), you can read more about it at the following links:

Even though this is not a bug in our software, it is a bug in one of the core Linux libraries – we feel that a bug with such severity deserves a blog post so that our users can be informed of the actions taken by our administrators, as well as any additional recommendations.

ISL Online administrators have promptly applied the glibc patches to all the appropriate server machines as soon as they became available in the official repositories, so hosted service (SaaS) users do not need to do anything.

However, if you are a server licence user and your server is running Linux, then remind your administrator to consult the appropriate Linux distribution’s security announcement and check if you are running a vulnerable version of glibc, then act accordingly.
Server licence users should follow security best practices, especially keeping their servers up to date with the latest security patches – this means both the operating system and ISL Conference Proxy.

This entry was posted in bugs, Linux, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s