Glibc critical security flaw: CVE-2015-7547

A critical security flaw has been found inside glibc library.
All NethServer 6.x and 7.x are affected.

As suggested by upstream, we strongly advise to update the system by executing the following command:

yum --enablerepo=centos-updates update

At the end of the process, verify the installed glibc release with this command:

rpm -q glibc

Result on NS 6 should be:

glibc-common-2.12-1.166.el6_7.7.x86_64.rpm

Result on NS 7 should be:

glibc-2.17-106.el7_2.4.x86_64.rpm

At the end, reboot the system. If you can’t reboot your machine, you will find more information on how to handle the update on production environments at the following link: Critical security flaw: glibc stack-based buffer overflow in getaddrinfo() (CVE-2015-7547) - Red Hat Customer Portal

Upstream announces:

The full story is here:

3 Likes

It’s already available in the gui, Software Center updates.

1 Like