New vunerability found - GHOST

Hi

I read this morning about a new vunerability which may affect your server.

To make sure your not affected, yum update glibc and reboot server. However, it may have already been patched.

Please follow this link to read more

Many thanks

John

Hi
I have had time to put together actions needed for Centos 6.6 (it most likely would work with Centos 6 versions, Centos 7 I do not have but I suspect is similar) as below. Please only run the checker if your happy to, but you do so at your own risk.
wget https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c
yum install gcc

gcc gistfile1.c -o CVE-2015-0235
./CVE-2015-0235
If shown as Vunerable
yum clean all && yum update “glibc*”
Reboot server
If you prefer, you can bypass the vunerability check and proceed to yum update.
Many thanks
John

Just updated it’s taken them a while to get it out on the mirror we use (GB):


[root@test3 ~]# yum update glibc -y
Loaded plugins: fastestmirror
Setting up Update Process
Loading mirror speeds from cached hostfile
epel/metalink                                                            |  12 kB     00:00     
 * base: centos.aol.com
 * epel: mirror.cogentco.com
 * extras: www.gtlib.gatech.edu
 * updates: mirror.teklinks.com
base                                                                     | 3.7 kB     00:00     
extras                                                                   | 3.4 kB     00:00     
interworx-release                                                        | 2.5 kB     00:00     
interworx-release-noarch                                                 | 2.5 kB     00:00     
interworx-stable                                                         | 2.5 kB     00:00     
interworx-stable-noarch                                                  | 2.5 kB     00:00     
updates                                                                  | 3.4 kB     00:00     
updates/primary_db                                                       | 1.6 MB     00:00     
Resolving Dependencies
--> Running transaction check
---> Package glibc.x86_64 0:2.12-1.149.el6_6.4 will be updated
--> Processing Dependency: glibc = 2.12-1.149.el6_6.4 for package: glibc-common-2.12-1.149.el6_6.4.x86_64
--> Processing Dependency: glibc = 2.12-1.149.el6_6.4 for package: glibc-devel-2.12-1.149.el6_6.4.x86_64
--> Processing Dependency: glibc = 2.12-1.149.el6_6.4 for package: glibc-headers-2.12-1.149.el6_6.4.x86_64
---> Package glibc.x86_64 0:2.12-1.149.el6_6.5 will be an update
--> Running transaction check
---> Package glibc-common.x86_64 0:2.12-1.149.el6_6.4 will be updated
---> Package glibc-common.x86_64 0:2.12-1.149.el6_6.5 will be an update
---> Package glibc-devel.x86_64 0:2.12-1.149.el6_6.4 will be updated
---> Package glibc-devel.x86_64 0:2.12-1.149.el6_6.5 will be an update
---> Package glibc-headers.x86_64 0:2.12-1.149.el6_6.4 will be updated
---> Package glibc-headers.x86_64 0:2.12-1.149.el6_6.5 will be an update
--> Finished Dependency Resolution


Dependencies Resolved


================================================================================================
 Package                 Arch             Version                       Repository         Size
================================================================================================
Updating:
 glibc                   x86_64           2.12-1.149.el6_6.5            updates           3.8 M
Updating for dependencies:
 glibc-common            x86_64           2.12-1.149.el6_6.5            updates            14 M
 glibc-devel             x86_64           2.12-1.149.el6_6.5            updates           983 k
 glibc-headers           x86_64           2.12-1.149.el6_6.5            updates           612 k


Transaction Summary
================================================================================================
Upgrade       4 Package(s)


Total download size: 20 M
Downloading Packages:
(1/4): glibc-2.12-1.149.el6_6.5.x86_64.rpm                               | 3.8 MB     00:00     
(2/4): glibc-common-2.12-1.149.el6_6.5.x86_64.rpm                        |  14 MB     00:00     
(3/4): glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm                         | 983 kB     00:00     
(4/4): glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm                       | 612 kB     00:00     
------------------------------------------------------------------------------------------------
Total                                                            12 MB/s |  20 MB     00:01     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : glibc-2.12-1.149.el6_6.5.x86_64                                              1/8 
  Updating   : glibc-common-2.12-1.149.el6_6.5.x86_64                                       2/8 
  Updating   : glibc-headers-2.12-1.149.el6_6.5.x86_64                                      3/8 
  Updating   : glibc-devel-2.12-1.149.el6_6.5.x86_64                                        4/8 
  Cleanup    : glibc-devel-2.12-1.149.el6_6.4.x86_64                                        5/8 
  Cleanup    : glibc-headers-2.12-1.149.el6_6.4.x86_64                                      6/8 
  Cleanup    : glibc-2.12-1.149.el6_6.4.x86_64                                              7/8 
  Cleanup    : glibc-common-2.12-1.149.el6_6.4.x86_64                                       8/8 
  Verifying  : glibc-common-2.12-1.149.el6_6.5.x86_64                                       1/8 
  Verifying  : glibc-devel-2.12-1.149.el6_6.5.x86_64                                        2/8 
  Verifying  : glibc-headers-2.12-1.149.el6_6.5.x86_64                                      3/8 
  Verifying  : glibc-2.12-1.149.el6_6.5.x86_64                                              4/8 
  Verifying  : glibc-headers-2.12-1.149.el6_6.4.x86_64                                      5/8 
  Verifying  : glibc-common-2.12-1.149.el6_6.4.x86_64                                       6/8 
  Verifying  : glibc-2.12-1.149.el6_6.4.x86_64                                              7/8 
  Verifying  : glibc-devel-2.12-1.149.el6_6.4.x86_64                                        8/8 


Updated:
  glibc.x86_64 0:2.12-1.149.el6_6.5                                                             


Dependency Updated:
  glibc-common.x86_64 0:2.12-1.149.el6_6.5        glibc-devel.x86_64 0:2.12-1.149.el6_6.5      
  glibc-headers.x86_64 0:2.12-1.149.el6_6.5      


Complete!
[root@test3 ~]#

Hi

Interestingly, our servers are showing kernel updates today with glib

Many thanks

John