A critical security flaw has been found inside glibc library.
All NethServer 6.x and 7.x are affected.
As suggested by upstream, we strongly advise to update the system by executing the following command:
yum --enablerepo=centos-updates update
At the end of the process, verify the installed glibc release with this command:
rpm -q glibc
Result on NS 6 should be:
glibc-common-2.12-1.166.el6_7.7.x86_64.rpm
Result on NS 7 should be:
glibc-2.17-106.el7_2.4.x86_64.rpm
At the end, reboot the system. If you can’t reboot your machine, you will find more information on how to handle the update on production environments at the following link: Critical security flaw: glibc stack-based buffer overflow in getaddrinfo() (CVE-2015-7547) - Red Hat Customer Portal
Upstream announces:
- RHEL/CentOS 6: https://rhn.redhat.com/errata/RHSA-2016-0175.html
- RHEL/CentOS 7: https://rhn.redhat.com/errata/RHSA-2016-0176.html
The full story is here: